Stitch Fix · 16 hours ago
Principal Security Engineer - Vulnerability Management
Stitch Fix is the leading online personal styling service that helps people discover styles that fit perfectly. They are seeking a Principal Security Engineer specializing in Vulnerability Management to lead security initiatives, implement best practices across various environments, and ensure compliance while collaborating closely with Platform and Development teams.
Retail, E-Commerce, Fashion, Apparel
Responsibilities
Collaborate to develop innovative security solutions, leveraging the right tools while contributing to design and architecture across multiple systems
Work closely with the team to develop effective solutions, leveraging the right tools while contributing to design and architecture across multiple systems
Be the first to step in, tackle challenges head-on, and do what it takes to protect and secure our organization
Ensure that technology solutions address real business challenges. Your insights are valued by both team members and business partners, who look to you for guidance on how our security initiatives should function. You're not afraid to ask tough questions, challenge assumptions, and engage with customers, stakeholders, and executives to drive meaningful outcomes
Qualification
Required
6+ years of experience in Security, preferably in a Vulnerability Management or similar role (Code defects, dependencies, containers, risk of exposure and exploitability)
Experience leading and assisting with Vulnerability remediation, documentation, and leading remediation efforts in close collaboration with the org
Proficient with the vulnerability management lifecycle and hands-on involvement in orchestrating automated solutions
Understanding of common risks, attack techniques, and exploitability such as supply chain attacks
Intermediate to advanced knowledge of APT groups, TTPs (Tactics, Techniques, and Procedures)
AWS experience is required; familiarity and high degree of proficiency with AWS services (e.g., Route53, IAM, Security Groups, SNS, S3, Lambdas, CloudWatch, CloudTrail)
Hands-on experience with AWS environments, particularly in a security context; familiarity with AWS security services (e.g., Security Hub, GuardDuty, Macie)
Hands-on working knowledge of Infrastructure as Code (IaC) concepts and tools such as Terraform and Docker
Understand the use of CI/CD pipelines and their role in a security context
Experience optimizing and integrating solutions (e.g., Jira, JupiterOne, Palo Alto Prisma)
Ability to interpret findings based on CVSS and proprietary scoring, and escalate potential security threats and findings to various stakeholders
Proficient with scripting languages such as Python, developing automation and security workflows
Proficient with infrastructure as code in Terraform, Pulumi, or CloudFormation
Ability to follow established security procedures and lead remediation efforts
Strong written communication skills for security documentation and reporting
Ability to collaborate with cross-functional teams and assist in security investigations
Knowledge of common development practices and tools, and how they apply in a security context
Eager and willing to learn and develop new skills in security automation and cloud security
Have the ability and experience to mentor and develop junior team members, fostering growth within the team
Benefits
Comprehensive compensation packages
Inclusive health and wellness benefits
Company
Stitch Fix
Stitch Fix is a personal styling platform that delivers curated and personalized apparel and accessory items for women.
H1B Sponsorship
Stitch Fix has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (22)
2024 (18)
2023 (17)
2022 (45)
2021 (34)
2020 (30)
Funding
Current Stage: Public Company
Total Funding: $54.35M
Key Investors: Benchmark, Baseline Ventures, Lightspeed Venture Partners
2017-11-17: IPO
2017-11-09: Series Unknown · $11.85M
2014-06-10: Series C · $25M
Company data provided by Crunchbase