Product Security Architect

Description The application window will close August 5, 2026. Job Location The primary work location for this role is East Coast with a remote work model. About Envestnet Envestnet is an adaptive WealthTech company that is redefining the future of wealth management by helping advisors meet the moment with its comprehensive technology, actionable insights, and industry leading support. Backed by over 25 years of experience and approximately $7.0 trillion in platform assets, Envestnet is trusted by over one third of financial advisors across leading banks, wealth managers, brokerages, and RIAs. For a deeper look at how Envestnet is shaping the future of financial advice, visit www.envestnet.com . The Team You'll Join This role is responsible for ensuring that products are secure by design by embedding security principles early in the product lifecycle. This role focuses on architecture‑level security, threat modeling, and design advisory The position sits within a Product Security function and works closely with product, engineering and within cybersecurity teams to strengthen the security posture of Envestnet's platforms. How You ' ll Contribute Secure Product & Platform Architecture Partner with product managers, solution architects, and engineering teams to integrate security requirements from the requirements and design stages of product development. Review and assess product, platform, and AI system architectures (including LLM‑based features, RAG pipelines, and agentic workflows) and recommend security improvements at the architectural level. Define and enforce security architecture patterns and standards for applications, APIs, distributed systems, and AI-enabled components. Ensure supply chain risks are addressed at design and architecture level. Act as a trusted advisor to Product Managers and Engineering Leaders.

Embed security considerations into:

Product strategy and roadmap planning Feature prioritization and design trade-offs Contribute to the continuous improvement of product security architecture practices across the organization. Threat Modeling & Design Reviews Lead and facilitate product‑level threat modeling and security design reviews, focusing on architecture, data flows, trust boundaries, and attack surfaces rather than source code. Lead threat modeling and security design reviews for AI‑ and LLM‑based applications, focusing on: Prompt injection and model manipulation Data leakage and training data exposure Model misuse, over‑privileged agents, and unsafe autonomy Trust boundaries between users, systems, models, and third‑party providers Identify systemic design risks and work with engineering teams to drive remediation through secure design changes. Security Requirements & Standards Define product security requirements related to encryption, identity, authentication, authorization, secrets handling, and secure configuration. Establish secure‑by‑design AI patterns and documented anti‑patterns and socialize them with product and engineering teams. Influence enterprise AI security standards and governance by providing architectural input grounded in real product design decisions. Ensure alignment with industry standards and frameworks such as OWASP, NIST and applicable regulatory requirements. Socialize security standards and architectural guidance with development and product teams through documentation and reviews.

Guide architectural decisions around:

Data exposure risks Model integration patterns Abuse and misuse scenarios Cross‑Functional Collaboration & Advisory Collaborate with product and engineering teams on secure adoption of AI/LLM capabilities. Participate in Architecture Review Board meetings. Act as a liaison between product engineering teams and the broader security organization to ensure architectural decisions meet security expectations. Serve as a trusted security advisor to Product Managers and Engineering Leaders, influencing design trade‑offs involving AI capabilities, risk, and compliance. Adherence to and application of Envestnet legal, compliance, risk, business continuity and administrative policy within the role and department(s) including the timely completion of training & awareness, affirmations and testing as requested. As part of the responsibilities for this role, you will understand and readily support Envestnet's established corporate business practices, policies, internal controls and procedures designed to create value or minimize risk. What You ' ll Need to Bring Bachelor's/Master's in Computer Science, Cybersecurity, or related field. 12 years in product security, architecture, or software engineering. Certifications (optional):

CISSP, CSSLP, CCSP.

Strong experience in product or application security architecture, with a focus on design‑level security preferably in a financial services industry. Hands‑on experience with threat modeling, security architecture reviews, and secure system design including AI-enabled systems. Solid understanding of modern application architectures, including microservices, APIs, and cloud‑native platforms. Working knowledge of AI/LLM concepts, including model integration patterns, RAG architectures, and agentic workflows. Knowledge of identity and access management, encryption standards, and secure integration patterns. Familiarity with industry frameworks such as OWASP, NIST, and security requirements for regulated environments including emerging AI governance practices. Strong communication skills to influence design decisions without direct ownership of delivery teams. Ability to translate security risks into clear architectural guidance for product and engineering teams. Why You'll Enjoy Working at Envestnet Help shape the future of WealthTech. At Envestnet you'll gain hands-on experience and collaborate with some of the industry's brightest minds to deliver meaningful, innovative solutions that make a real difference. We value flexibility in how and where work gets done, and we recognize strong performance with meaningful rewards—because your contributions should drive both business success and your own personal growth. If you're looking for a place where your work has impact, your development is supported, and your contributions are truly valued, Envestnet is where you can build your future. The opportunity is now! Sponsorship This position is not open to candidates requiring visa sponsorship Our Investment in You This role offers a base salary range of $182,000.00 to $228,000. The range listed represents a good-faith estimate of base salary compensation for this position and does not include incentive compensation, equity or benefits. Individual pay will be determined based on factors including, but not limited to, relevant experience, skills, education, certifications, and geographic location, in accordance with applicable pay transparency laws. This role is eligible for an additional incentive component as part of the total rewards package. We provide a comprehensive suite of benefits - subject to Envestnet's plan eligibility rules - that support your overall well-being including, medical insurance, paid time off (PTO), 401k company match, paid parental leave, education reimbursement, disability coverage and mental health & wellness support. Our investment in you means supporting you professionally, financially, and personally at every stage of your journey with us. Please visit our benefits page on our career site to learn more. Our Commitment to Inclusion & Belonging Envestnet is an Equal Opportunity Employer and is committed to creating an inclusive environment for all employees and applicants. We welcome and value individuals of all backgrounds and do not discriminate based on race, color, religion, creed, sex (including pregnancy or related medical conditions), gender identity or expression, sexual orientation, national origin, ancestry, age, disability, genetic information, military or veteran status, citizenship status, or any other status protected by applicable law. We encourage individuals from all backgrounds to apply. We strive to provide an inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation, please contact us at careers@envestnet.com. Please include your full name, the title of the role you are applying for, and the accommodation necessary to assist you with the recruiting process. Recruitment Fraud At Envestnet, safeguarding the trust and safety of job seekers is a top priority. We are aware that scammers may impersonate Envestnet recruiters or create fake job opportunities to deceive candidates. Review the information on our recruitment fraud awareness page to help you recognize and avoid recruitment fraud.