Principal Security Engineer

Job Ad

Principal Security Engineer

We’re looking for a Principal Security Engineer to serve as the technical anchor for Procore’s Security Engineering organization. In this role, you will define the vision for autonomous security sovereignty. You are the strategic lead responsible for building a self-reasoning, self-healing security infrastructure that operates with zero-human intervention for entire classes of threats.

As a Principal Engineer, you will sit at the intersection of Security, AI, Data, and Engineering. You will lead the development of high-assurance, agentic security frameworks that protect our platform, data, and users. This is a high-impact leadership opportunity to shape the global security direction of a rapidly growing platform, leveraging the next generation of LLM-native engineering to protect the data of millions of users Apply today.

This position reports into the Senior Manager, Security Engineering and will be based in the Bengaluru, India office.

What you’ll do:

At Procore, AI isn’t a specialized tool, its a core competency. We expect every team member to be AI-literate, leveraging generative tools and agentic workflows to move faster and work smarter. You won’t just use AI; you’ll be building the agentic future of construction.

• Define the Agentic Strategy: Lead the long-term technical roadmap for moving Procore from traditional Security Engineering to an autonomous security fabric, where agents are the primary drivers of control enforcement and remediation.
• Architect Autonomous Identity Governance: Design and implement next-gen IAM guardrails where agents autonomously manage JML (Joiner-Mover-Leaver) processes, service-to-service authentication, and dynamic, least-privilege PAM.
• Build the Security Brain: Design and deploy the centralized agentic orchestration layer—utilizing LangGraph, Semantic Kernel, and CrewAI—to unify asset inventory, SBOM generation, and real-time attack surface management.
• Engineer Self-Healing Platforms: Partner with product engineering to build paved path infrastructure (Kubernetes, Terraform) that is managed by agents capable of autonomously detecting and correcting drift, misconfigurations, and vulnerabilities.
• Lead Autonomous Threat Modeling: Design agentic workflows that perform continuous, recursive threat modeling and automated "purple teaming" across our microservices architecture.
• Establish Agentic Trust Boundaries: Design the security controls for internal and customer-facing AI, specifically focusing on agentic sandboxing, output verification, and cross-agent authentication.
• M&A and Tech Stack Integration: Perform the technical security assessment of third-party platforms and M&A targets, using agentic tools to rapidly ingest, analyze, and secure diverse tech stacks.
• Force Multiplier & Mentor: Act as a technical catalyst, scaling agentic thinking across all of engineering and mentoring Staff and Senior engineers in building production-grade autonomous systems.
• Technical Advisor: Serve as the authoritative voice for the senior leadership on the security of our AI initiatives and the robustness of our autonomous defense posture.
  
  

• The Master Builder: 8+ years of experience in a high-level technical security role, with at least 4 years focused on large-scale SaaS. You must be an expert software engineer (Python, Go) who happens to specialize in security.
• Agentic Authority: Deep, verifiable experience building and shipping autonomous agent systems in production environments. You are an expert in LLM orchestration, tool-calling protocols, and multi-agent state management.
• Architectural Mastery: Expert-level knowledge of cloud security (AWS preferred) and container orchestration, specifically in designing the trusted execution environments required for agents to act with high privilege.
• Identity & Logic Expert: Mastery of identity protocols (OIDC, OAuth 2.0) and how they translate to agentic identity—ensuring that when an agent acts, its provenance and authority are cryptographically verifiable.
• AI Security Pioneer: Deep understanding of the LLM Attack Surface, from training data poisoning and prompt injection to RAG-based data leakage, with a track record of building production-grade mitigations.
• Strategic Visionary: Proven ability to align complex agentic initiatives with business growth and product velocity, ensuring security is a business enabler rather than a friction point.
• Data Protection Authority: Deep understanding of encryption-at-rest/in-transit and KMS, and how to apply these in an environment where agents must autonomously handle sensitive data.
• Systems Thinker: Ability to treat Prompt Engineering as a formal logic discipline, ensuring that autonomous reasoning is deterministic, testable, and safe.
• Exceptional Communicator: The ability to simplify the extreme complexity of Agentic Security for executive leadership while maintaining technical authority with the engineering front line.