Principal Software Engineer - Security

At Pulumi, you will be challenged, learn, teach, and collaborate with an elite team of great people.

In order to succeed at Pulumi, you will need to resonate with the following values:

• We succeed and fail as a team
• An inclusive environment bubbles the best ideas to the top
• Our customers sit at the center of every decision
• We achieve the best results through openness and honesty, even when uncomfortable
• Work smart, but bias for action and results
• Our natural curiosity for technology keeps us always learning
• Think big, dream, and define the future of engineering in the cloud

While Pulumi is headquartered in Seattle, WA., we are dedicated to being a remote-first company. This role will be located remotely in the United States.

About the Role:

As a Principal Software Engineer specializing in Security and Secrets Management, you will lead the evolution of our Environments, Secrets, and Configuration (ESC) platform, building the next generation of secrets management and orchestration. Your work will be at the forefront of designing scalable, secure, and user-friendly solutions that enable developers to manage sensitive data, credentials, and configurations across diverse environments.

Your work will directly impact how organizations securely manage sensitive data, access credentials, and cryptographic keys at scale, safeguarding our users and partners. This is a hands-on technical leadership role where you will collaborate across engineering, product, and security teams to build cutting-edge solutions in cloud-native environments.

Key Responsibilities:

• Architect and lead the development of innovative secrets management solutions within the Pulumi ESC platform, enabling seamless and secure handling of sensitive data.
• Develop secure, high-performance services that provide configuration, encryption, and access control across multi-cloud and on-prem environments.
• Collaborate with engineering and security teams to enforce the highest standards of secure development practices throughout the software lifecycle.
• Lead design and implement fault-tolerant, scalable systems to manage secrets in highly distributed environments.
• Conduct security assessments and threat modeling, and provide technical leadership on projects to continuously enhance the platform’s security posture.
• Mentor engineering teams on best practices for secure code development and zero-trust architectures.
• Stay at the cutting edge of security and secrets management trends, pushing Pulumi to deliver innovative, reliable, and user-friendly solutions.
• Influence and drive cross-functional initiatives to shape the future of secrets orchestration and configuration management at Pulumi.

Qualifications:

• 8+ years of professional software engineering experience in security, infrastructure, or distributed systems.
• Proven experience building and maintaining security-focused software solutions, especially in secrets management, cryptography, or access control.
• Deep understanding of modern security architectures, zero-trust models, and distributed systems security.
• Expertise in programming languages such as Go, Python, or Rust.
• Experience with cloud-native environments, containers, and orchestration tools like Kubernetes and Docker.
• Strong understanding of multi-cloud architectures (AWS, GCP, Azure) and hybrid environments.
• Familiarity with compliance frameworks (SOC 2, HIPAA, PCI-DSS) and secure coding standards.
• Excellent leadership and collaboration skills, with a proven ability to mentor engineers and advocate for secure engineering principles.

Preferred Qualifications:

• Experience with large-scale distributed systems and multi-cloud infrastructure management.
• Hands-on experience with specific security technologies such as PKI, OIDC, OAuth, etc.
• Hands-on experience with configuration management tools and secure key handling in complex environments.
• Track record of contributing to or leading security initiatives in open-source projects.
• Familiarity with secrets management solutions in cloud-native environments.

Compensation:

• Base Salary Hiring Range:  $180,500 - $227,850
• All full-time employee offers at Pulumi include base salary, bonus or variable, equity and benefits (details below).