
Principal Product Security Engineer
4w1 month agoAspen Technology
Bedford, GB · Full-time · $120,900 – $151,100
About this role
Under the direction of the VP of Product Security, this role is a key member for day-to-day operations of Product Security at Aspen Technology. This thought leader will help protect our clients, enable teams to deliver secure development, and position us for future security needs.
Day-to-day activities include developing Threat Models, driving Risk Assessments, reviewing alignment of standard controls, overseeing vulnerability tracking, and ensuring security documentation and compliance with security lifecycle activities. This role also supports compliance documents, secure patch releases, security incidents, and the security champion program.
Working closely with development teams, senior leaders, and teams across the organization, this role mitigates risks, protects customers and assets, and enables secure activities. The Principal Security Engineer will support the development and execution of product security strategic efforts to meet business and technology objectives.
This role will also support continuously improving product security policies, procedures, tools, guidelines, and security awareness. Maintaining a vigilant awareness of industry threats, standards, regulations, and best practices is essential to enhance our security profile.
Requirements
- Deep expertise in product security, including secure development lifecycle, threat modeling, and risk assessment methodologies.
- Experience with vulnerability management, security scanning tools, and triage processes.
- Knowledge of industry security standards, regulations, and best practices (e.g., NIST, ISO 27001, OWASP).
- Proven ability to drive security culture and automation across development teams.
- Experience in security incident response and analysis, including participation in a security emergency response team.
- Strong analytical skills to evaluate emerging threats and assess impact on product security.
- Ability to work collaboratively with cross-functional teams, including development, technology, and senior leadership.
- Familiarity with security documentation, compliance activities, and secure patch release processes.
Responsibilities
- Support the design, implementation, and oversight of Product Secure Development Lifecycle, including security requirements, secure architecture/design, risk assessment, threat models, security scanning, triage and vulnerability management, and product security validation/verification.
- Administer product security practices to product teams, technology, and security champions across the organization.
- Drive Product Security efforts to resolve challenges, enable automation, and impact organization security culture.
- Monitor information security best practices, standards, regulations, industry threats and risks for improvements to product security practices.
- Maintain a deep understanding of current issues in information security, subscribing to major industry newsgroups and mailing lists and assessing impact on systems and practices.
- Monitor security bulletins and alerts from all Aspen Technology’s information system vendors, evaluate vulnerability impact, and formulate and execute risk mitigation plans for product security.
- Serve as a member of the AspenTech Security Emergency Response Team (ASERT) providing expert analysis of security incidents, working with information resource owners and product teams for analysis and recommendations.
- Occasionally perform after hours and weekend work to complete tasks that cannot be done during business hours.
Benefits
- Rich set of career development programs to support professional growth.
- Support of community service projects and opportunities to give back.
- Social events that foster fun and relationship building across our global community.
- Opportunity to work with senior leaders and influence product security strategy.
Similar roles

Endace Platform Engineer
4w1 month agoENS Solutions
Washington, US · Full-time · $130,000 – $160,000

Security Engineer / ISSO Support
4w1 month agoSimple Technology Solutions
Remote · Full-time · $120,000 – $150,000

Vice President, Security Engineering
4w1 month agoGoldman Sachs
Dallas, US · Full-time · $180,000 – $250,000

Senior Vice President - Network Security Engineering Lead
4w1 month agoJefferies
Jersey City, US · Full-time · $200,000 – $275,000