$182,000–$228,000 Per Year
Application Programming Interface (API), Applications Security, Architectural Services, Artificial Intelligence (AI), Authentication, Bank Management, Board Meeting, CCSP - Cisco Certified Security Professional, CISSP - Certified Information Systems Security Professional, Cloud Computing, Communication Skills, Computer Science, Cryptography, Distributed Computing, Establish Priorities, Financial Planning, Financial Services, Identity Data Management, Injections, Internet Security, Microservices, Model Review, Product Design, Product Development, Product Engineering, Product Lifecycle, Product Planning, Product Reviews, Product Strategy, Requirements Management, Rich Internet Application (RIA), Risk Analysis, Security Architecture, Security Design, Software Engineering, Strategic Planning, Supply Chain, System Architecture, Threat Modeling, U.S. National Institute of Standards and Technology (NIST), Wealth Management
Description
The application window will close August 5, 2026.
Job Location
The primary work location for this role is East Coast with a remote work model.
About Envestnet
Envestnet is an adaptive WealthTech company that is redefining the future of wealth management by helping advisors meet the moment with its comprehensive technology, actionable insights, and industry leading support. Backed by over 25 years of experience and approximately $7.0 trillion in platform assets, Envestnet is trusted by over one third of financial advisors across leading banks, wealth managers, brokerages, and RIAs.
For a deeper look at how Envestnet is shaping the future of financial advice, visit
www.envestnet.com.
The Team You’ll Join
This role focuses on helping the product security team ensure that security is built in from the start. The team works early in the product lifecycle to apply secure design principles through architecture reviews, threat modeling, and hands-on design guidance. As part of a Product Security team, this role collaborates closely with product managers, engineers, and cybersecurity partners to identify risks, influence design decisions, and strengthen the security posture of the platforms the team supports.
How You’ll Contribute
- Secure Product & Platform Architecture
- Partner with product managers, solution architects, and engineering teams to integrate security requirements from the requirements and design stages of product development.
- Review and assess product, platform, and AI system architectures (including LLM‑based features, RAG pipelines, and agentic workflows) and recommend security improvements at the architectural level.
- Define and enforce security architecture patterns and standards for applications, APIs, distributed systems, and AI-enabled components.
- Ensure supply chain risks are addressed at design and architecture level.
- Embed security considerations into: Product strategy and roadmap planning and Feature prioritization and design trade-offs
- Threat Modeling & Design Reviews
- Lead and facilitate product‑level threat modeling and security design reviews, focusing on architecture, data flows, trust boundaries, and attack surfaces rather than source code.
- Lead threat modeling and security design reviews for AI‑ and LLM‑based applications, focusing on:
- Prompt injection and model manipulation
- Data leakage and training data exposure
- Model misuse, over‑privileged agents, and unsafe autonomy
- Security Requirements & Standards
- Define product security requirements related to encryption, identity, authentication, authorization, secrets handling, and secure configuration.
- Establish secure‑by‑design AI patterns and documented anti‑patterns and socialize them with product and engineering teams.
- Ensure alignment with industry standards and frameworks such as OWASP, NIST and applicable regulatory requirements.
- Guide architectural decisions around:
- Data exposure risks
- Model integration patterns
- Abuse and misuse scenarios
- Cross‑Functional Collaboration & Advisory
- Collaborate with product and engineering teams on secure adoption of AI/LLM capabilities.
- Participate in Architecture Review Board meetings.
What You’ll Need to Bring
- Bachelor’s/Master’s in Computer Science, Cybersecurity, or related field.
- 12 years in product security, architecture, or software engineering.
- Strong experience in product or application security architecture, with a focus on design‑level security preferably in a financial services industry.
- Hands‑on experience with threat modeling, security architecture reviews, and secure system design including AI-enabled systems.
- Solid understanding of modern application architectures, including microservices, APIs, and cloud‑native platforms.
- Working knowledge of AI/LLM concepts, including model integration patterns, RAG architectures, and agentic workflows.
- Knowledge of identity and access management, encryption standards, and secure integration patterns.
Nice-to-Have
- Familiarity with industry frameworks such as OWASP, NIST, and security requirements for regulated environments including emerging AI governance practices.
- Certifications (optional): CISSP, CSSLP, CCSP.
- Strong communication skills to influence design decisions without direct ownership of delivery teams.
- Ability to translate security risks into clear architectural guidance for product and engineering teams.
Why You’ll Enjoy Working at Envestnet
Help shape the future of WealthTech. At Envestnet you’ll gain hands-on experience and collaborate with some of the industry’s brightest minds to deliver meaningful, innovative solutions that make a real difference.
We value flexibility in how and where work gets done, and we recognize strong performance with meaningful rewards—because your contributions should drive both business success and your own personal growth. If you’re looking for a place where your work has impact, your development is supported, and your contributions are truly valued, Envestnet is where you can build your future.
The opportunity is now!
Sponsorship
This position is not open to candidates requiring visa sponsorship
Our Investment in You
This role offers a base salary range of $182,000.00 to $228,000. The range listed represents a good-faith estimate of base salary compensation for this position and does not include incentive compensation, equity or benefits. Individual pay will be determined based on factors including, but not limited to, relevant experience, skills, education, certifications, and geographic location, in accordance with applicable pay transparency laws. This role is eligible for an additional incentive component as part of the total rewards package.
We provide a comprehensive suite of benefits - subject to Envestnet’s plan eligibility rules - that support your overall well-being including, medical insurance, paid time off (PTO), 401k company match, paid parental leave, education reimbursement, disability coverage and mental health & wellness support. Our investment in you means supporting you professionally, financially, and personally at every stage of your journey with us. Please visit our benefits page on our career site to learn more.
Our Commitment to Inclusion & Belonging
Envestnet is an Equal Opportunity Employer and is committed to creating an inclusive environment for all employees and applicants. We welcome and value individuals of all backgrounds and do not discriminate based on race, color, religion, creed, sex (including pregnancy or related medical conditions), gender identity or expression, sexual orientation, national origin, ancestry, age, disability, genetic information, military or veteran status, citizenship status, or any other status protected by applicable law. We encourage individuals from all backgrounds to apply.
We strive to provide an inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation, please contact us at careers@envestnet.com. Please include your full name, the title of the role you are applying for, and the accommodation necessary to assist you with the recruiting process.
Recruitment Fraud
At Envestnet, safeguarding the trust and safety of job seekers is a top priority. We are aware that scammers may impersonate Envestnet recruiters or create fake job opportunities to deceive candidates. Review the information on our recruitment fraud awareness page to help you recognize and avoid recruitment fraud. #LI-AA1 #LI-REMOTE