EngRadardirect-apply

Principal Software Engineer

Truffle Security

Truffle Security is a cybersecurity company on a mission to make secrets easier to detect, verify, and remediate across modern software environments.

Remote Remote Posted 1mo ago cybersecurity
Apply directly →

About us

Truffle Security is a cybersecurity company on a mission to make secrets easier to detect, verify, and remediate across modern software environments. Built on the popular open-source TruffleHog™ secrets scanning platform, the company's enterprise solution gives security and engineering teams everything they need to find exposed credentials, understand which ones are active, and act on them with confidence.

With support for 800+ credential types, Truffle Security continuously monitors non-human identities (NHIs) and their associated secrets across code repositories, SaaS applications, wikis, and cloud systems. It goes beyond detection by verifying which secrets are live, analyzing their scope of access, and streamlining remediation through automated workflows and lifecycle management so teams can prioritize what to revoke and confirm it's done without manual follow-up.

Trusted by organizations including NVIDIA, Chick-fil-A, and OpenAI, Truffle Security helps security and engineering teams stay ahead of secrets risk.

About the Role

We’re looking for a Principal Software Engineer to serve as a senior technical leader across Engineering. This is a hands-on role focused on improving architecture, scalability, reliability, and engineering quality across our systems.

We have a strong team of Senior and Staff engineers, and we’re looking for someone who can make that team even more effective. This role is about creating leverage across Engineering: improving the quality of technical decisions, mentoring experienced engineers, establishing durable architecture and engineering practices, and helping teams move faster without sacrificing reliability or maintainability.

We’re also changing how we build software. Our engineering team is putting more emphasis on using agentic development tools effectively. The goal is not to replace engineering judgment, but to improve planning, implementation, testing, review, and overall leverage. This role will help shape practical workflows for using these tools well while maintaining high standards for quality, security, and maintainability.

You’ll work closely with engineering leadership, product, infrastructure, and security teams to shape long-term technical direction while helping teams move quickly and responsibly.

What you'll be working on

  • Improving architecture across backend services and platform infrastructure, and defining long-term architectural strategy and technical standards across teams
  • Establish engineering standards that improve consistency, maintainability, reliability, and operational readiness
  • Scale distributed systems and improve performance across core services
  • Improve production engineering practices, including observability, testing, incident response, and post-incident review
  • Identify and reduce high-impact technical debt
  • Improve developer tooling, workflows, and engineering productivity
  • Help teams use agentic development tools effectively across planning, implementation, testing, review, and validation
  • Partnering with product and infrastructure teams on scalable, resilient systems and subsequently simplifying systems and reducing organizational complexity as the platform scales
  • Mentor Senior and Staff engineers through architecture reviews, technical coaching, and project guidance
  • Serve as a trusted technical advisor for difficult engineering and architectural decisions

Areas You May Work In

  • Distributed systems and service architecture
  • Platform reliability and observability
  • Scalable ingestion and scanning infrastructure
  • Multi-tenant systems and cloud infrastructure
  • Internal developer tooling
  • Frontend architecture across React and TypeScript applications

What We’re Looking For

Required Qualifications

  • Experience operating as a Principal Engineer, Architect, or senior Staff+ engineer
  • Deep experience designing and operating distributed systems in production
  • Strong backend engineering experience, ideally in Go or a similar language
  • Strong architectural judgment and systems thinking, with the ability to simplify complex systems and make pragmatic technical trade-offs
  • Experience leading complex technical projects across teams
  • Proven ability to mentor and develop senior engineers
  • Strong communication and technical leadership skills
  • Strong operational mindset around reliability, scalability, observability, and performance
  • Ability to balance long-term technical quality with pragmatic execution
  • Comfort operating in fast-moving, ambiguous environments
  • Bias toward ownership, execution, and driving technical clarity in ambiguous environments
  • Practical experience using agentic or AI-assisted development tools in professional engineering workflows
  • Experience introducing shared workflows, prompts, rules, coding agents, or internal tooling that improve engineering productivity
  • Good judgment around where automation improves leverage, how AI-assisted work should be reviewed, and when direct engineering ownership is needed

Bonus Points

  • Experience in open source, cybersecurity, developer tooling, infrastructure, or platform engineering
  • Kubernetes and cloud-native infrastructure experience
  • Experience scaling platform infrastructure or multi-tenant systems
  • Experience improving engineering processes and technical maturity across teams
  • React and TypeScript architecture experience
  • Familiarity with security and scanning infrastructure
  • Experience with Django or Python

Tech Stack

Our primary technologies include:

  • Go
  • React
  • TypeScript
  • Django/Python
  • PostgreSQL
  • Kubernetes
  • Docker
  • GCP
  • CI/CD and observability tooling
  • Agentic development tools such as Cursor, MCP integrations, and other AI-assisted engineering environments

You do not need experience with every technology listed here. You should be comfortable working across modern distributed systems, cloud-native environments, and AI-assisted engineering workflows.

Why This Role Is Interesting

  • You’ll be Truffle’s first Principal Engineer and help define what senior technical leadership looks like here.
  • You’ll have broad influence across architecture, engineering standards, operational maturity, and technical strategy.
  • You’ll work with a strong team of Senior and Staff engineers who care about technical quality and thoughtful engineering.
  • You’ll help shape how Truffle uses agentic engineering tools in a practical, high-judgment way.
  • You’ll help build the technical foundation of a growing security company solving difficult infrastructure and developer security problems.
  • Your impact will extend well beyond your own code. This role is about making the entire engineering organization more effective.

The target base salary range for this position is between $215,000-$270,000 for candidates in the United States. Starting salary will vary based on job-related skills, knowledge, and experience. Leveling will be determined during the interview process. You may also be offered a bonus, stock options, and benefits. These salary ranges are subject to change, and we encourage candidates outside of this salary range to apply.

How we support our team

  • Fully remote within the U.S. – We believe opportunity shouldn’t be limited by geography. Our remote-first approach lets us hire the best people across the United States and empowers them to do their best work from wherever they are.
  • A culture of mentorship, equity, and psychological safety – We’re committed to fostering an environment where you can thrive, learn, and feel valued.
  • Competitive salary & meaningful equity – Be rewarded for your contributions with a strong compensation package and a stake in our shared success.
  • Flexible paid time off – We operate with a high level of autonomy and trust, giving you the flexibility to take time off as needed—no strict limits, just the expectation that you’re meeting your commitments and getting your work done.
  • 14 paid holidays – Including Thanksgiving, Winter Break, and "Truffle Holidays" when the entire company takes a well-deserved day off together.
  • Comprehensive health benefits – Medical, dental, and vision coverage with 80% of premiums covered for you and your dependents.
  • Remote work stipend – Get set up for success with an $800 new hire stipend and $100/month to keep your workspace comfortable.
  • Health & wellness stipend$1,200/year to support your physical, mental, and emotional well-being— we believe that feeling good helps you do great work.
  • Learning & development stipend$2,000/year to invest in your growth, whether it’s courses, certifications, or industry conferences.
  • 401(k) match – We match 100% of the first 6% of your contributions on every paycheck, helping you build financial security for the future.
  • 100% remote + company off-sites – Twice a year, we come together in amazing locations like Hawaii, Cabo, and the Rocky Mountains to collaborate and connect.


We’re looking for folks who are interested in being part of the journey to make the internet more secure. The internet is for all, and we believe that diverse experiences and people from all walks of life can contribute to this mission. That said, if what we’re doing resonates with your values, we’d love to have you apply even if you don’t check all of the boxes or match the job description to a tee.

Truffle strives to promote an equitable, inclusive, and psychologically-safe workplace for all who are interested in working with us. All job applicants will be considered throughout the employment process without regard to race, color, ethnicity, religion, sex, sexual orientation, gender perception/identity, age, pregnancy or parental status, disability status, or any other basis prohibited by law. If you are an individual with disabilities and reasonable accommodation is needed throughout the interview process, or to perform essential job functions, please let your recruiter know.

Lastly, we ask that all applicants consider the opportunity to answer a few voluntary demographic questions on the job application. This helps us track the inclusivity of our recruiting initiatives. Answering these questions is entirely optional and your answers will not be shared with the hiring team and will not impact the hiring decision.

Note: Our organization participates in the US federal E-Verify program. We will provide the Social Security Administration, and if necessary, the Department of Homeland Security, with information from each new employee’s Form I-9 to confirm work authorization. We do not use this information to pre-screen job applicants.

Posted by Truffle Security on their own careers page — you apply directly, no recruiter in between. View original / apply →

More at Truffle Security