The Secure Software Development (SSD) team is seeking a Principal Product Security Engineer to step into the role of Senior Technical Advisor.
In this critical strategic role, you will act as the "technical right hand" to the SSD Senior Manager.
You will be responsible for defining the architectural vision that unifies Code Security (RH-SDLC) and Supply Chain Security (Pipelines).
Your day-to-day focus will be organizational strategy, high-level architecture, and technical mentorship.
Philosophy: You are an enabler, not a gatekeeper.
You will leverage your Principal-level engineering expertise to guide decision-making, remove blockers, and drive innovation without slowing down the development lifecycle.
What you will do Act as the primary technical advisor to the Senior Manager and leadership team, providing risk assessments and insights to guide organizational decisions.
Define and own the long-term technical strategy for the SSD team, while contributing to the broader PSRD roadmap to balance security with developer velocity.
Serve as the final escalation point for complex technical hurdles, architectural disagreements, and critical security risks.
Help to architect comprehensive security standards including Threat Modeling, Code Review, and automated testing (SAST/DAST) implementation within the RH-SDLC.
Design secure pipeline architectures (CI/CD, Build Systems) utilizing tools like Konflux, ensuring valid attestations and integrity.
Drive innovation across the full software lifecycle, ensuring security consistency from initial commit (build-time) to final deployment (runtime).
Orchestrate technical alignment across operational teams, bridging the gap between product development and supply chain infrastructure.
Champion a culture of knowledge sharing, ensuring architectural patterns are consistent across all domains.
Partner with Program Management to assess the technical feasibility of new initiatives and innovations.
Lead the technical refinement of the roadmap, translating high-level business goals into executable engineering tasks.
Conduct high-level reviews of implemented improvements to ensure they meet architectural quality and security standards.
What you will bring Deep Expertise in AppSec: Proven experience designing SAST/DAST workflows, defining secure coding standards, and leading Threat Modeling sessions.
Supply Chain Security: Hands-on architecture experience with CI/CD security, build systems (e.g., Konflux, Tekton, Jenkins), and software attestations (SBOMs, SLSA).
Strategic Thinking: Ability to translate complex technical security risks into clear business language for leadership.
Holistic Architecture: Proven ability to design systems that span multiple teams and domains, specifically bridging the gap between Application Code and Infrastructure Pipelines.
About Red Hat is the world's leading provider of enterprise software solutions, using a community-powered approach to deliver high-performing Linux, cloud, container, and Kubernetes technologies.
Spread across 40+ countries, our associates work flexibly across work environments, from in-office, to office-flex, to fully remote, depending on the requirements of their role.
Red Hatters are encouraged to bring their best ideas, no matter their title or tenure.
We're a leader in open source because of our open and inclusive environment.
We hire creative, passionate people ready to contribute their ideas, help solve complex problems, and make an impact.
Inclusion at Red Hat Red Hat's culture is built on the open source principles of transparency, collaboration, and inclusion, where the best ideas can come from anywhere and anyone.
When this is realized, it empowers people from different backgrounds, perspectives, and experiences to come together to share ideas, challenge the status quo, and drive innovation.
Our aspiration is that everyone experiences this culture with equal opportunity and access, and that all voices are not only heard but also celebrated.
We hope you will join our celebration, and we welcome and encourage applicants from all the beautiful dimensions that compose our global village.
Equal Opportunity Policy (EEO) Red Hat is proud to be an equal opportunity workplace and an affirmative action employer.
We review applications for employment without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, ancestry, citizenship, age, veteran status, genetic information, physical or mental disability, medical condition, marital status, or any other basis prohibited by law.
Red Hat does not seek or accept unsolicited resumes or CVs from recruitment agencies.
We are not responsible for, and will not pay, any fees, commissions, or any other payment related to unsolicited resumes or CVs except as required in a written contract between Red Hat and the recruitment agency or party requesting payment of a fee.
Red Hat supports individuals with disabilities and provides reasonable accommodations to job applicants.
If you need assistance completing our online job application, email .
General inquiries, such as those regarding the status of a job application, will not receive a reply.