TriNet

Principal Security Architect

  • Posted 6 days ago

Job Description

TriNet is a leading provider of comprehensive human resources solutions for small to midsize businesses (SMBs). We enhance business productivity by enabling our clients to outsource their HR function to one strategic partner and allowing them to focus on operating and growing their core businesses. Our full-service HR solutions include features such as payroll processing, human capital consulting, employment law compliance and employee benefits, including health insurance, retirement plans and workers' compensation insurance.

TriNet has a nationwide presence and an experienced executive team. Our stock is publicly traded on the NYSE under the ticker symbol TNET. If you're passionate about innovation and making an impact on the large SMB market, come join us as we power our clients' business success with extraordinary HR.

Don't meet every single requirement? Studies have shown that many potential applicants discourage themselves from applying to jobs unless they meet every single requirement. TriNet always strives to hire the most qualified candidate for a particular role, ensuring we deliver outstanding results for our small and medium-size customers. So, if you're excited about this role but your past experience doesn't align perfectly with every single qualification in the job description, nobody's perfect and we encourage you to apply. You may just be the right candidate for this or other roles.

A Brief Overview

As a Principal Security Architect focused on the Product and Application Security domain, this role serves in two complementary capacities. First, it is responsible for defining and embedding security architecture, standards, and practices into TriNet's Value Creation Process, ensuring that security is integrated by design across the product and application lifecycle. Second, the role acts as a consultative reviewer and advisor for individual solutions, providing architectural guidance, risk insight, and design feedback as they progress through the Value Creation Process. Together, these responsibilities ensure that security is both scalable as a process and applied thoughtfully to individual products.

Although you will collaborate with other security architects who have deep expertise in adjacent domains, a strong understanding of all security architecture domains is important to effectively embed security into the Value Creation Process and provide informed guidance on individual product and application designs. These domains include Identity and Access Management, Cloud Security, Endpoint Security, Security Operations, and Governance, Risk, and Compliance.

The successful candidate will be a trusted advisor to engineering and product leaders, combining deep technical expertise with strong communication skills. This role is both strategic and hands-on, shaping how security is embedded into the Value Creation Process while also guiding architecture decisions and risk tradeoffs for individual products and applications as they are designed and delivered at scale.

What You Will Do

  • Maintain awareness of TriNet's product and application architectures and their alignment to the threat landscape, regulatory requirements, and business risk tolerance.
  • Act as a subject-matter expert in application security architecture, including web applications, APIs, microservices, and distributed systems.
  • Define, create, and drive adoption of secure design patterns, reference architectures, policies and standards for product and application development, and secure coding guidelines and practices.
  • Drive the integration of application security controls into the SDLC and CI/CD pipelines, including SAST, DAST, SCA, secret scanning, and IaC/PaC/SaC where applicable.
  • Partner with product and engineering teams early in the exploration and design phases to perform architecture and design reviews.
  • Coordinate integration of security services into internally and externally-facing solutions.
  • Maintain awareness of the architecture of TriNet cloud environments and their relationships to the threat landscape and compliance requirements; be able to communicate same.
  • Raise and manage the remediation of issues related to gaps in product and application security.
  • Maintain awareness of how TriNet cloud environments influence product and application security risk.
  • Contribute to TriNet security policies, standards, and guidelines related to product and application security.
  • Communicate to security and technology leadership the status of projects and issues related to product and application security.
  • Research the latest product and application tools, techniques, and leading practices.
  • Find opportunities to enhance control or process efficiency and effectiveness and provide recommendations for same. This includes enhancement through automation and developer/engineer enablement.

Education Qualifications


  • Bachelor's degree in computer engineering, cyber security, or related field
  • Master's degree preferred

Experience Qualifications


  • Typically 12+ years of related experience, including at least 6 years of experience in a security role, 3 years of experience in a defensive application security role working directly with software engineering teams, and 3 years of work experience as a security architect.
  • Experience designing and reviewing secure application and API architectures
  • Experience driving the implementation of application security tooling (SAST, DAST, SCA, API security, secrets management)
  • Experience integrating security into CI/CD pipelines and developer workflows
  • Experience with cloud-native application architectures (e.g., microservices, Kubernetes) as they relate to application security
  • Experience presenting and influencing at the engineering leadership and executive level
  • Experience working effectively within a globally distributed organization, collaborating across time zones, cultures, and functional teams to drive consistent security outcomes

Skills And Abilities


  • Practical knowledge of control frameworks such as the NIST CSF, Center for Internet Security's Critical Security Controls (v8), OWASP SAMM, ASVS, and Top 10
  • Practical knowledge of the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) framework
  • Knowledge of identity, authentication, authorization, and secure API design
  • Strong risk management mindset with the ability to balance security and business outcomes
  • Ability to communicate complex technical concepts to non-technical audiences
  • Excellent problem-solving, analytical, and collaboration skills
  • Demonstrated commitment to ethical standards and a diverse, inclusive workplace

Licenses and Certifications


  • At least one certification related to application security or secure development (e.g., CSSLP, GWEB, CASE)
  • General cloud or Kubernetes security certification preferred (e.g., CKS, CCSK, CCSP, GCSA)
  • General security certification preferred (e.g., CISSP, GIAC)
  • General security architecture certification preferred (e.g., SABSA SCF, ISSAP)
  • Cloud and container certifications are preferred but are not the primary focus

Work Environment


  • Work in clean, pleasant, and comfortable office or home setting. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable persons with disabilities to perform the essential functions.
  • This position is 100% in office.

Please Note: TriNet reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Position functions and qualifications may vary depending on business necessity.

TriNet is an Equal Opportunity Employer and does not discriminate against applicants based on race, religion, color, disability, medical condition, legally protected genetic information, national origin, gender, sexual orientation, marital status, gender identity or expression, sex (including pregnancy, childbirth or related medical conditions), age, veteran status or other legally protected characteristics. Any applicant with a mental or physical disability who requires an accommodation during the application process should contact [Confidential Information] to request such an accommodation.

Job ID: 144993435