At Sitecore, our mission is to simplify how brands reach, engage, and serve people by delivering intelligent, personalized digital experiences that connect the world. We empower the world’s most iconic brands to build lifelong relationships with their customers—seamlessly, smartly, and at scale.

As the leading provider of agentic digital experience software, Sitecore brings together content, commerce, and data into one composable platform that enables brands to deliver millions of meaningful, adaptive experiences every day. Trusted by global leaders such as American Express, Porsche, Starbucks, and L’Oréal, Sitecore helps brands transform engagement through experiences that are not only personalised but predictive and dynamic.

Our foundation is our people—a diverse, passionate, and collaborative global team spanning over 25 countries. We believe that every experience matters, and that belief starts with how we work together. Our values guide how we lead, innovate, and connect. They are the behaviors that bring our mission and vision to life, every day, in every interaction.

As we continue to evolve, we are actively cultivating AI skills across our teams to unlock new levels of creativity, efficiency, and insight. From engineering to customer experience, AI capabilities are becoming integral to how we design, build, and deliver the next generation of digital experiences.

Learn more at Sitecore.com.

About the Role:

As a Senior Product Security & Privacy Engineer, you will define and drive security and privacy across Sitecore’s SaaS platform and product portfolio. You will work closely with engineering, cloud operations, and compliance teams to ensure secure and privacy-centric design principles are applied throughout the product lifecycle. This role requires deep technical expertise in application security, cloud security, privacy engineering, and secure software development practices.

What You’ll Do:

Security Development & Design

Develop and maintain security architecture frameworks for Sitecore products and services.
Define secure design patterns for microservices, APIs, and cloud-native applications.
Ensure alignment with industry standards (OWASP, NIST, ISO 27001).

Privacy Engineering & Compliance

Embed Privacy by Design principles into product architecture.
Implement privacy-preserving techniques (data minimization, pseudonymization, encryption).
Ensure compliance with global privacy regulations (GDPR, CCPA) and emerging AI governance standards.
Collaborate with legal and compliance teams to translate regulatory requirements into technical controls.

Threat Modelling & Risk Assessment

Conduct threat modelling for new features and architectures, including privacy impact assessments.
Identify and mitigate security and privacy risks in product designs and implementations.

Collaboration & Guidance

Partner with product and engineering teams to embed security and privacy into development processes.
Provide architectural guidance and best practices for secure coding and privacy-aware design.

Research & Innovation

Stay ahead of emerging security and privacy threats, including AI-related risks.
Evaluate and integrate advanced security and privacy tools and methodologies.

What You Need to Succeed:

5+ years in product security roles, with experience in privacy engineering.
Proven experience designing secure and privacy-preserving systems for SaaS and cloud environments.
Strong knowledge of application security, cloud security (Azure preferred), and DevSecOps practices.
Familiarity with privacy-enhancing technologies (PETs) such as differential privacy, anonymization, and secure data lifecycle management.
Expertise in threat modelling and secure software development lifecycle (SSDLC).

Additional Skills That Could Set You Apart:

Familiarity with headless CMS architecture, front-end frameworks, and web technologies.
CISSP, CCSP, or equivalent security certifications.
CIPP/E or CIPT for privacy expertise.
CSSLP or similar for secure software development.

Why Sitecore?

At Sitecore, we offer a vibrant work culture, a collaborative environment, and the opportunity to work on products that shape digital experiences globally. We’re dedicated to fostering growth, innovation, and a commitment to our employees’ professional and personal development. Be part of a visionary, innovation-driven team shaping the next era of AI-powered content management in a leading composable DXP.

Sitecore is proud to be an equal opportunity workplace. We are committed to equal employment opportunity without unlawful regard to race, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability, veteran status or any other local legally protected characteristic.

Apply now

See more open positions at Sitecore

Privacy policy Cookie policy