Principal SaaS Security Engineer Boston, MA, Dev-Ops

Position: Principal SaaS Security Engineer Boston, MA, USA Dev-Ops
Hybrid## Principal SaaS Security Engineer Boston, MA, USAOur world is transforming, and PTC is leading the way.

Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business.

Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow – all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible.
** Principal Security Engineer-SaaS
** JR110938
* * Key Responsibilities**
* ** Secure Architecture & Design**  + Architect and implement security controls for multi-tenant SaaS environments for both commercial and US federal customers  + Harden cloud infrastructure (AWS preferred) and enforce least-privilege IAM policies.  + Integrate encryption and key management solutions for data at rest and in transit.
* ** Threat Detection & Incident Response**  + Configure and monitor security tools like Wiz and Crowdstrike. Guide remediation efforts.  + Develop and maintain SIEM rules and dashboards for real-time threat monitoring.  + Lead incident response efforts, including root cause analysis and remediation.
* ** Vulnerability Management**  + Own vulnerability scanning, prioritization, and remediation across services.  + Tune automated scanning in CI/CD pipelines using tools like
** Black Duck, or Checkmarx**.
* ** Dev Sec Ops  & Automation**  + Build scripts and automation for security posture validation and drift detection.
* ** Collaboration & Leadership**  + Partner with engineering teams to integrate security best practices early in development.  + Mentor junior engineers and advocate for secure coding principles.
** Required Qualifications
*** 8+ years in security engineering, with at least 3 years in SaaS or cloud-native environments (Dev Sec Ops ).
* Deep expertise in
** AWS security services** (IAM, KMS, Security Hub, Guard Duty).
* Strong background in
** vulnerability management, SIEM tools (Splunk, Open search), and automation scripting** (Terraform, Ansible, Python).
* Experience with
** container security
** and orchestration (Docker, Kubernetes).
* Experience securing Linux deployments.
** Nice-to-Have
*** Working knowledge of
** FedRAMP, NIST SP 800-53, or similar compliance processes**.
* Relevant certifications: CISSP, CCSP, AWS Security Specialty.
* Work on cutting-edge SaaS security challenges.
* Influence architecture and security strategy at scale.
* Collaborate with a team passionate about building secure, resilient systems.
** Work Environment:
** The candidate may be required to participate in an on-call rotation to respond to security incidents.

The Sec Ops Engineer position will be a member of the Onshape Technical Operations team. This is a primarily US-based operations, site reliability, compliance, and security team. The team is part of Onshape Engineering and works very closely with other teams in engineering to deliver a reliable, secure service to our customers.

PTC carefully considers a wide range of factors when determining compensation. The anticipated annual salary range for this position is between $118,. The anticipated annual salary range encompasses both the base salary and the on-target incentive compensation that may be attained in this role. The salary range reflects a good-faith estimate of compensation at the time of posting.

Actual compensation may vary based on a candidate's skills, qualifications, experience, and location. Eligible employees also have the opportunity to become a PTC shareholder through our employee share purchase program (ESPP) which allows for the purchase of discounted PTC stock. Certain roles may also be eligible for participation in our equity programs. Employees may be eligible for medical, dental and vision insurance, paid time off and sick leave, tuition reimbursement, 401(k) contributions and employer match, flexible spending accounts, life insurance, disability coverage and if you are an office-assigned employee, a generous commuter subsidy.

All…