Principal Software Engineer - Secrets
Remote
At Pulumi, you will be challenged, learn, teach, and collaborate with an elite team of great people.
In order to succeed at Pulumi, you will need to resonate with the following values:
- We succeed and fail as a team
- An inclusive environment bubbles the best ideas to the top
- Our customers sit at the center of every decision
- We achieve the best results through openness and honesty, even when uncomfortable
- Work smart, but bias for action and results
- Our natural curiosity for technology keeps us always learning
- Think big, dream, and define the future of engineering in the cloud
While Pulumi is headquartered in Seattle, WA., we are dedicated to being a remote-first company. This role will be located remotely in the United States.
About the Role:
As a Principal Software Engineer specializing in Security and Secrets Management, you will lead the evolution of our Environments, Secrets, and Configuration (ESC) platform, building the next generation of secrets management and orchestration. Your work will be at the forefront of designing scalable, secure, and user-friendly solutions that enable developers to manage sensitive data, credentials, and configurations across diverse environments.
Your work will directly impact how organizations securely manage sensitive data, access credentials, and cryptographic keys at scale, safeguarding our users and partners. This is a hands-on technical leadership role where you will collaborate across engineering, product, and security teams to build cutting-edge solutions in cloud-native environments.
Key Responsibilities:
- Architect and lead the development of innovative secrets management solutions within the Pulumi ESC platform, enabling seamless and secure handling of sensitive data.
- Develop secure, high-performance services that provide configuration, encryption, and access control across multi-cloud and on-prem environments.
- Collaborate with engineering and security teams to enforce the highest standards of secure development practices throughout the software lifecycle.
- Lead design and implement fault-tolerant, scalable systems to manage secrets in highly distributed environments.
- Conduct security assessments and threat modeling, and provide technical leadership on projects to continuously enhance the platform’s security posture.
- Mentor engineering teams on best practices for secure code development and zero-trust architectures.
- Stay at the cutting edge of security and secrets management trends, pushing Pulumi to deliver innovative, reliable, and user-friendly solutions.
- Influence and drive cross-functional initiatives to shape the future of secrets orchestration and configuration management at Pulumi.
Qualifications:
- 8+ years of professional software engineering experience in security, infrastructure, or distributed systems.
- Proven experience building and maintaining security-focused software solutions, especially in secrets management, cryptography, or access control.
- Deep understanding of modern security architectures, zero-trust models, and distributed systems security.
- Expertise in programming languages such as Go, Python, or Rust.
- Experience with cloud-native environments, containers, and orchestration tools like Kubernetes and Docker.
- Strong understanding of multi-cloud architectures (AWS, GCP, Azure) and hybrid environments.
- Familiarity with compliance frameworks (SOC 2, HIPAA, PCI-DSS) and secure coding standards.
- Excellent leadership and collaboration skills, with a proven ability to mentor engineers and advocate for secure engineering principles.
Preferred Qualifications:
- Experience with large-scale distributed systems and multi-cloud infrastructure management.
- Hands-on experience with specific security technologies such as PKI, OIDC, OAuth, etc.
- Hands-on experience with configuration management tools and secure key handling in complex environments.
- Track record of contributing to or leading security initiatives in open-source projects.
- Familiarity with secrets management solutions in cloud-native environments.
Compensation:
- Base Salary Hiring Range: $180,500 - $227,850
- All full-time employee offers at Pulumi include base salary, bonus or variable, equity and benefits (details below).
Pulumi Benefits:
- Health: We provide comprehensive medical, dental, vision, and supplemental insurance at no cost to U.S. employees, and comply with local health benefit requirements internationally.
- Time Off: We have an unlimited Personal Time Off (PTO) policy and require employees to take at least three weeks off annually, in addition to 13 U.S. holidays.
- 401K: We offer a 401(k) with an employer match for U.S. employees to support long-term financial security.
- Parental Leave: We provide 20 weeks of paid leave for the birthing parent or primary caregiver and 16 for the non-birthing parent or secondary caregiver.
- Remote-First: Our workforce is fully remote, spanning over 20 states and 12 countries. We encourage asynchronous collaboration and support remote work with an annual "work from anywhere" fund.
- Professional Development: Each employee receives an annual development budget, reinforcing our commitment to continuous learning.
- Equity: As a growing startup, all employees receive equity and are encouraged to be frugal, scrappy, and to act like owners.
- Additional Funds: We offer a monthly wellness fund for physical or mental well-being and a quarterly happiness fund for personal and team use.
About Pulumi:
Pulumi is reimagining how teams build cloud software, enabling developers and infrastructure experts to work better together through a unique combination of programming languages, tools, and systems innovation.
Our flagship infrastructure as code technology is open source and our SaaS product, Pulumi Cloud, provides platform teams, secrets management, and cloud management capabilities, and more. We have pioneered leveraging AI across all of these areas with our LLM-powered Pulumi Copilot to push the boundaries of what's possible. At Pulumi, we dream big, in the pursuit of helping our customers out-innovate and win.
Founded in 2017 by industry veterans with over five decades of combined experience building developer platforms, Pulumi now has a global community of more than 350,000 members and serves over 3,250 customers. Despite our rapid growth, we're still only getting started, and are early in our mission to democratize the cloud. If you thrive in a fast-paced, high-performance, we want to work with you to accelerate Pulumi's impact.
At Pulumi, we don't just accept difference, we celebrate, support, and thrive on it for the benefit of our employees, our products, and our customers. Pulumi is proud to be an equal opportunity workplace and is committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. If you have a disability or special need that requires accommodation, please let us know.
ApplyJob Profile
RestrictionsUnited States
Benefits/PerksAnnual development budget Base salary Bonus Collaborative environment Continuous learning Dental Equity Fully remote Happiness fund Learning opportunities Medical Monthly wellness fund Parental leave Professional development Quarterly happiness fund Remote-first company Remote work Vision Wellness fund
Tasks- Architect solutions
- Collaborate with engineering
- Collaborate with teams
- Conduct security assessments
- Develop secure services
- Drive cross-functional initiatives
- Drive initiatives
- Hiring
- Lead design
- Mentor engineers
- Stay updated on trends
- Technical Leadership
Access Control AI AWS Azure Cloud Cloud Infrastructure Cloud infrastructure management Cloud native Collaboration Compensation Compliance frameworks Containers Cryptography Distributed Systems Docker Engineering GCP Go HIPAA Infrastructure Infrastructure as Code Kubernetes Leadership Multi-cloud Open Source Programming Pulumi Python Rust SaaS Secrets management Secure coding standards Security SOC 2 Software Engineering Zero-Trust Architectures
Experience8 years
Education Timezones