Principal Architect Product Security

  • JetBlue Airways
  • Long Island City, New York
  • Full Time

Position Summary:

The Principal Architect, Product Security is a senior product security architecture leader responsible for advancing secure-by-design practices across multiple product portfolios, platforms, and business capabilities.

This role partners with product, engineering, platform, cloud, cybersecurity, enterprise architecture, privacy, and risk teams to ensure product designs include appropriate security guardrails from concept through delivery and operation. The Principal Architect translates enterprise cybersecurity strategy into reusable product security patterns, practical engineering requirements, and consistent architecture guidance.

Essential Responsibilities:

  • Lead product security architecture across multiple product portfolios or major business capabilities.
  • Define and maintain reusable secure design patterns, reference architectures, and technical guardrails.
  • Review high-risk product, platform, API, cloud, and integration designs.
  • Partner with product and engineering leaders to embed security into planning, design, development, testing, deployment, and operations.
  • Translate cybersecurity policies, standards, and risk expectations into practical product security requirements.
  • Guide teams on secure implementation of modern application, API, cloud-native, and distributed architectures.
  • Establish and lead threat modeling for complex or high-risk products and platforms.
  • Identify architecture-level security gaps and recommend pragmatic remediation plans.
  • Escalate material risks and provide clear risk narratives to technology and cybersecurity leadership.
  • Define expectations for security controls in CI/CD pipelines and developer workflows.
  • Guide adoption of SAST, DAST, SCA, container scanning, IaC scanning, secrets detection, and related tooling.
  • Partner with engineering teams to improve security testing quality, reduce noise, and increase actionable remediation.
  • Contribute to metrics that measure product security maturity, control adoption, and vulnerability reduction.
  • Define product security guidance for authentication, authorization, federation, API security, encryption, secrets management, and secure data handling.
  • Advise on Zero Trust, least privilege, service-to-service security, and secure integration patterns.
  • Partner with cloud and platform teams to embed security into shared engineering services and platform capabilities.
  • Serve as a senior product security advisor to product, engineering, cybersecurity, architecture, privacy, compliance, and risk teams.
  • Mentor Product Security Architects, engineers, and technical leads.
  • Participate in architecture review boards, design forums, and governance processes.
  • Contribute to product security standards, maturity models, dashboards, and continuous improvement efforts.

Minimum Experience and Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Engineering, or related field; OR demonstrated capability to perform job responsibilities with a combination of a High School Diploma/GED and at least four (4) years of previous related work experience.
  • Five (5) years of experience in cybersecurity, application security, product security, security architecture, software engineering, cloud security, or related technology roles.
  • Five (5) years of experience designing or securing modern applications, APIs, cloud-native services, distributed systems, or digital platforms.
  • Experience leading security architecture decisions across multiple product teams or technology portfolios.
  • Strong knowledge of secure SDLC, DevSecOps, threat modeling, vulnerability management, application security testing, API security, identity, data protection, and cloud security.
  • Experience developing secure design standards, reusable architecture patterns, technical guardrails, or engineering guidance.
  • Ability to manage competing priorities in a fast-paced, multi-team environment.
  • Must pass a pre-employment drug test.
  • Available for occasional overnight travel (10%).
  • Must be legally eligible to work in the country in which the position is located.
  • Authorization to work in the US is required. This position is not eligible for a visa sponsorship.

Preferred Experience and Qualifications:

  • Experience supporting large-scale customer-facing applications, digital platforms, mobile applications, ecommerce, loyalty, APIs, or cloud-native services.
  • Experience in aviation, transportation, financial services, healthcare, retail, or another regulated or operationally complex environment.
  • Experience building or scaling Product Security, Application Security, or DevSecOps practices.
  • Experience with AWS, Azure, GCP, Kubernetes, containers, serverless platforms, API gateways, WAF technologies, secrets management, CI/CD, and policy-as-code.
  • Knowledge of OWASP Top 10, OWASP API Security Top 10, OWASP ASVS, and Zero Trust principles.
  • Experience influencing enterprise architecture boards, technology governance forums, or risk committees.
  • CISSP, CSSLP, CCSP, SABSA, AWS Security Specialty, Azure Security Engineer, or equivalent certification preferred.

Crewmember Expectations:

  • Regular attendance and punctuality.
  • Potential need to work flexible hours and be available to respond on short notice.
  • Able to maintain a professional appearance.
  • When working or traveling on JetBlue flights, and if time permits, all capable crewmembers are asked to assist with light cleaning of the aircraft.
  • Must be an appropriate organizational fit for JetBlue's culture and exhibit the JetBlue values of Safety, Caring, Integrity, Passion, and Fun.
  • Promote JetBlue's number one value of Safety as a Safety Ambassador, supporting JetBlue's Safety Management System components, Safety Policy, and behavioral standards.
  • Identify safety and/or security concerns, issues, incidents, or hazards that should be reported and report them whenever possible by any means necessary including JetBlue's confidential reporting systems (Aviation Safety Action Program (ASAP) or Safety Action Report (SAR)).
  • The use of ChatGPT or any other automated tool during the interview process will disqualify a candidate from being considered for the position.

Equipment:

  • Computer and other office equipment.

Work Environment:

  • Traditional office environment.

Physical Effort:

  • Generally not required, or up to 10 pounds occasionally, 0 pounds frequently. (Sedentary)

Compensation:

  • The base pay range for this position is between $118,800.00 and $177,100.00 per year. Base pay is one component of JetBlue's total compensation package, which may also include performance bonuses, restricted stock units, as well as access to healthcare benefits, a 401(k) plan and company match, crewmember stock purchase plan, short-term and long-term disability coverage, basic life insurance, free space available travel on JetBlue, and more.


Job ID: 523511236
Originally Posted on: 6/3/2026
