Principal Security Engineer

AVEVA is a global leader in industrial software. Our cutting-edge solutions are used by thousands of enterprises to deliver the essentials of life such as energy, infrastructure, chemicals and minerals safely, efficiently and more sustainably.

Were the first software business in the world to have our sustainability targets validated by the SBTi, and weve been recognized for the transparency and ambition of our commitment to diversity, equity, and inclusion. Weve also recently been named as one of the worlds most innovative companies.

If youre a curious and collaborative person who wants to make a big impact through technology, then we want to hear from you! Find out more at .

For more information about our privacy policy and how to manage cookies, visit our .

Position: Principal Security Engineer Application Security & Incident Response

Location: Calgary Canada/ Lake Forest, CA

Type: Full time- Hybrid

Path: Individual Contributor

Salary Range

$123,500.00 - $205,900.00

About The Role

Were looking for a Principal Security Engineer to lead our application security efforts and help protect our global technology environment. This is a hands-on, high-impact role for someone with deep expertise in application security, a strong development background, and real-world breach response experience.

Youll work across engineering and product teams to identify vulnerabilities, guide secure development, and respond to security incidents. As part of our global 247 security team, youll help ensure continuous coverage and rapid response to emerging threats.

Key Responsibilities

• Lead application security practices across development and deployment workflows.
• Identify and remediate vulnerabilities in collaboration with engineering teams.
• Monitor for threats and respond to security incidents across global environments.
• Apply breach response experience to strengthen threat modeling and security controls.
• Stay ahead of emerging threats and translate insights into actionable improvements.
• Develop secure coding standards and mentor teams on best practices.
• Work as part of a global 247 team to ensure consistent security coverage.
  
  

Required Qualifications

• Strong development background with experience in secure coding and software engineering.
• Proven experience in application security and incident response.
• Proven experience securing cloud applications (e.g., Azure, AWS, GCP).
• At least two years operating at Principal level or in a senior technical leadership role.
• Strong understanding of secure development practices and threat modeling.
• Experience with cloud-native environments, CI/CD pipelines, and containerized applications.
• Excellent communication and stakeholder engagement skills.
  
  

Preferred Qualifications

• Certifications like CSSLP, OSWE, or GWAPT.
• Experience with automated security tools and analysis platforms.
• Familiarity with compliance frameworks (e.g., GDPR, PCI-DSS, ISO 27001).
• Understanding of the NIS Directive and its impact on security operations.
  
  

R&D at AVEVA

Our global team of 2000 developers work on an incredibly diverse portfolio of over 75 industrial automation and engineering products, which cover everything from data management to 3D design. AI and cloud are at the centre of our strategy, and we have over 150 patents to our name.

Our track record of innovation is no fluke its the result of a structured and deliberate focus on learning, collaboration and inclusivity. If you want to build applications that solve big problems, join us.