Principal Product Security Architect & Engagement Lead

Job

Digital Dhara LLC

Tewksbury, MA (In Person)

Full-Time

Posted 1 week ago (Updated 1 day ago) • Actively hiring

Expires 7/24/2026

Job Description

Role Summary

Lead and govern the end-to-end product lifecycle cybersecurity assessment engagement for the customer product, including CRA-aligned security evaluation, architecture assessment, threat modeling, technical oversight, evidence traceability, and executive reporting. Serve as the primary customer interface and ensure all assessment activities are executed in compliance with export-control requirements.

Key Responsibilities

- Lead overall engagement delivery, governance, and customer coordination
- Conduct product security architecture assessments and threat modeling activities
- Perform trust boundary analysis and review data flows across product components and external integrations
- Oversee CRA-aligned assessment methodology, compliance traceability, and lifecycle security evaluation
- Evaluate operational resilience, recovery considerations, and lifecycle security controls across deployed product environments
- Review secure-by-design implementation and product security governance practices
- Guide technical testing activities and validate risk prioritization and exploitability context
- Review security findings and ensure consistency across technical and compliance outputs
- Lead executive reporting, release readiness assessment, and remediation discussions
- Ensure evidence collection and assessment outputs align to CRA requirements
- Review lifecycle security considerations including secure decommissioning and data disposal practices
- Enforce export-control compliant handling of personnel, systems, and data
- Provide final quality assurance and assessment signoff oversight

Required Skills & Experience

Mandatory:

- Strong experience in product cybersecurity and secure-by-design principles
- Expertise in threat modelling, architecture review, and trust boundary analysis
- Strong understanding of product lifecycle security and operational resilience concepts
- Familiarity with secure SDLC, SBOM governance, and vulnerability management practices
- Strong executive communication and stakeholder management capability
- Experience across both offensive security and security architecture domains

Good to have:

- Experience leading CRA, regulated product security, or compliance-driven cybersecurity assessments
- Experience leading engagement in export-controlled environments

Preferred Certifications

- CISSP, CSSLP, SABSA / TOGAF (preferred)
- FedRAMP or regulated environment experience preferred

Years of Required Experience

- 7-10 years in product application security
- 5+ years in complex customer assessment and regulatory assessment engagements