- Company Name
- Ethos
- Job Title
- Principal Security Engineer
- Job Description
**Role Summary**
Lead the design, implementation, and governance of secure architecture across cloud, API, and microservices environments. Drive security integration throughout the software development lifecycle, mentor cross‑functional teams, and respond to advanced security incidents.
**Expectations**
- Oversee security posture for production and development pipelines.
- Influence policy, standards, and strategic initiatives at the CISO level.
- Maintain zero‑trust principles and continuously evolve threat models.
- Operate within a fast‑paced insurtech platform with scalable cloud infrastructure.
**Key Responsibilities**
- Architect and deploy secure, scalable platforms for applications, APIs, and container workloads.
- Develop and enforce application security best practices across SDLC, integrating security into CI/CD pipelines.
- Conduct threat modeling, security design reviews, and risk assessments for new and existing systems.
- Evaluate, select, and implement cloud security controls (CSPM, CWPP, IAM, KMS, logging, monitoring).
- Provide technical leadership and mentorship to security engineers, developers, and DevOps teams.
- Lead incident response for complex security events, perform root‑cause analysis, and recommend remediation strategies.
- Contribute to and shape security policies, standards, and governance frameworks.
- Stay abreast of emerging threats, vulnerabilities, and security technologies, advising stakeholders on mitigations.
**Required Skills**
- 10+ years of security engineering or architecture experience.
- Deep expertise in AWS cloud security, including infrastructure‑as‑code (Terraform, CloudFormation).
- Advanced knowledge of secure software development (OWASP Top 10, SAST, DAST, threat modeling).
- Design experience with zero‑trust architectures, secure API gateways, identity and access management.
- Proficiency in scripting/development (Python, Go, JavaScript) and secure coding practices.
- Strong leadership and cross‑functional collaboration.
- Hands‑on experience with Kubernetes, service mesh, and cloud‑native security tooling preferred.
- Experience in regulated industries (fintech, healthcare, SaaS at scale) preferred.
**Required Education & Certifications**
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
- Professional certifications (preferred): CISSP, CCSP, AWS Security Specialty, GIAC (GCSA, GWEB, GDSA).
San Francisco, United States
Hybrid
Senior
02-02-2026