Back to search
Coupang Linkedin · Posted 28d ago

Principal Security Engineer

Seoul

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Role Overview – Principal, Security Engineer

As a Principal Security Engineer, you will serve as a senior technical authority responsible for owning and stewarding end‑to‑end security architecture across Coupang’s cloud, platform, and systems. This is a deeply technical, hands‑on role focused on designing, building, and operating high‑assurance security controls that run directly in production

environments.


You will define secure architectures, threat models, and guardrails for core platforms and GenAI systems, while partnering closely with engineering teams to embed security into shared infrastructure, frameworks, and services. This role combines first‑principles security engineering with large‑scale system design and organizational influence.


Key Responsibilities


Own End-to-End Security Architecture

  • Define and steward security architecture across cloud infrastructure (AWS), identity systems, networking, data
  • platforms, CI/CD, and AI/GenAI systems
  • Act as the final technical authority for correctness, trust boundaries, scalability, and blast radius containment
  • Ensure secure-by-design patterns are consistently applied across core and AI platforms
  • Establish Canonical Threat Models
  • Develop and maintain threat models across cloud, distributed systems, applications, APIs, identity flows, and
  • CI/CD pipelines
  • Define threat models for GenAI systems, including prompt injection, model misuse, agent abuse, and data
  • exfiltration
  • Translate threat models into enforceable architectural requirements and secure defaults


Lead Identity, Authentication, and Authorization Strategy

  • Own enterprise IAM strategy covering humans, services, workloads, and AI agents
  • Design service-to-service authentication, least-privilege models, and just-in-time access
  • Ensure authorization systems are resilient, auditable, and safe under partial failure


Design and Build High-Assurance Security Controls

• Personally design and/or build security-critical systems such as:

  • Authorization and policy engines
  • Token issuance, validation, and rotation systems
  • Secrets and key management
  • Secure service meshes and ingress/egress controls

• Set the engineering bar for determinism, secure failure modes, and abuse resistance


Own Application and API Security at Scale

  • Define secure design patterns for APIs, multitenant isolation, and authorization boundaries
  • Prevent confused-deputy attacks, unsafe input handling, and boundary violations
  • Ensure security is embedded into frameworks and shared libraries, not bolted on later


Secure Data, ML, and Model Lifecycles

  • Own security for sensitive data and AI models, including classification, access control, encryption, and lineage
  • Secure ML training, evaluation, deployment, and model versioning environments
  • Prevent data leakage, unauthorized model access, and cross-tenant exposure


Build Deterministic Guardrails for GenAI and Agents

  • Design enforceable guardrails that control model inputs, outputs, and tool invocation
  • Separate control-plane authorization from model behavior
  • Ensure policies are enforced outside the model, auditable, and fail safely


Drive Detection, Response, and Abuse Prevention

  • Define detection and response strategies for identity abuse, lateral movement, CI/CD compromise, and AI
  • misuse
  • Focus on high-signal detection, explainability, and sustainable operations
  • Ensure Security Reliability and Operational Excellence
  • Treat security platforms as production infrastructure with SLOs and error budgets
  • Design for partial trust failures across identity, KMS, and policy systems
  • Ensure strong observability, incident readiness, and recovery capabilities


Multiply Impact Through Technical Leadership

  • Mentor senior and staff engineers across security and platform teams
  • Review high-risk designs and security-critical code paths
  • Define company-wide standards, patterns, and reusable guardrails


Qualifications & Experience


Essential Experience

  • Principal, Lead, or equivalent senior security engineering or architecture experience in complex, large-scale
  • environments
  • Proven ability to operate as both a strategic technical leader and hands-on engineer
  • Deep experience with cloud platforms (AWS), distributed systems, and cloud-native security controls
  • Demonstrated experience designing and/or building security controls for platforms, data systems, or AI/ML
  • workloads
  • Track record of shipping production security systems adopted by multiple teams


Preferred Experience

Experience securing GenAI systems, agents, or ML platforms at scale

Strong background in identity systems, authorization, and policy enforcement

Ability to influence architecture decisions across organizations through technical authority

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent