Chief Software Engineer Architect

About DataStealth:

DataStealth is a single, unified data security platform (DSP) that discovers, classifies, and protects sensitive data across your entire environment, from on-premise to legacy cloud to cloud; wherever your data lives or flows, we protect it using the latest technologies and AI. We do this without requiring complex integrations or changes to your existing applications, ensuring security that enables, rather than hinders, your business. By seamlessly applying data protection strategies, such as tokenization, we ensure that even if your perimeter is breached, your data remains unusable if it falls into the wrong hands.

Recognized for the fifth consecutive year as a Great Place to Work, we are one of the world's leading and fastest growing cybersecurity software companies. Our team is the best in the business. Our patented technology provides our large enterprise customers with the ability to solve complex data security problems with a paradigm shifting technology that can actually solve problems.

About You:

You're the most senior technical mind in the company—a hands-on architect who still writes code, still ships, and still de-risks the hardest problems personally. You set the technical direction for the entire platform, own the architecture roadmap end-to-end, and lead our team of Principal and Distinguished Engineers through technical credibility rather than authority. You think in decades of system evolution, but you prove your ideas in weeks of working code. You have deep experience building security products—you know how to apply cryptography, tokenization, and key management correctly in real systems—and you have firsthand experience applying AI and ML to hard security problems, not as a buzzword, but as engineering. You are comfortable being the final technical escalation point for anything the team cannot solve, and equally comfortable pairing with a senior engineer at a keyboard to unblock a nasty distributed systems bug.

Role Overview:

The Chief Software Engineering Architect is the most senior technical role at DataStealth. You own the overall technical strategy, architecture, and engineering standards for the entire DSP platform, and you lead the technical direction of our most senior engineering cohort. Crucially, this is not a non-coding architect role. You are expected to be hands-on in code roughly 30–50% of the time—writing our most difficult components, leading applied research and experimental development to de-risk our riskiest projects, and prototyping the designs you propose before asking anyone else to commit to them.

Our Principal and Distinguished Engineers report to you for technical leadership—direction, design review, unblocking, architectural calls, and the growth of their craft. Management is a shared function. The executive team retains ownership of performance reviews, compensation, career progression decisions, and the bulk of day-to-day people management. Your reports are self-motivated senior ICs, and the expectation is that you lead them more like a principal technical lead than a traditional engineering manager—keeping the management overhead light so you can stay deeply technical.

Based in Mississauga with a hybrid schedule (4 days in-office per week), you will work directly with the CTO and executive team on multi-year technical strategy, and directly with our Principal and Distinguished Engineers on the code that matters most. This role defines what "done right" means at DataStealth.

What You Will Do:

Technical Strategy & Architecture Leadership

• Own the multi-year technical roadmap and architecture vision for the DataStealth DSP across discovery, classification, tokenization, encryption, and key management

• Define and evolve engineering standards, platform RFCs, technology selection, and "paved paths" that Principal and Distinguished Engineers build on

• Partner with the CTO, product, and security leadership on build-vs-buy, platform bets, and competitive technical strategy

• Represent DataStealth's architecture externally to enterprise customers, design partners, auditors (PCI-DSS, SOC 2), and the broader security community

Hands-On Deep Technical Work

• Write production code in our hardest, highest-risk subsystems—tokenization engine internals, high-throughput data-path services, security-critical platform components, and cross-cutting platform libraries

• Lead applied research and experimental development to de-risk our most ambitious projects: timeboxed prototypes, spikes, and reference implementations that the broader team then productionizes

• Set the quality bar through exemplar code, design reviews, and technical mentorship of Principal and Distinguished Engineers

• Work across the stack using the right language for the job: Java (primary), TypeScript/Node.js, Golang, and Rust

Security Architecture & Threat Leadership

• Own end-to-end security architecture for the platform: threat models, trust boundaries, applied cryptographic design, key hierarchies, HSM integration, and compliance boundaries for PCI-DSS, SOC 2, GDPR, and related frameworks

• Apply the right cryptographic tools for the job—not invent them. You know which primitives to use, which libraries to trust, how to design key hierarchies and rotation, where HSM boundaries belong, and how to structure systems so compliance and operational reality both hold

• Act as the final technical escalation point for novel security questions, adversarial scenarios, and high-stakes architectural trade-offs

• Drive secure-by-design engineering culture: threat modeling as a first-class engineering artifact, not an afterthought

AI in Security Products

• Define and lead DataStealth's application of AI and ML to security problems—data classification, anomaly and sensitivity detection, analyst augmentation, and agentic automation

• Own the technical strategy for combining classical detection (regex, structured matchers, tokenization) with ML-based classification (transformer classifiers, embedding-based similarity, small distilled models) and LLM-based augmentation where appropriate

• Establish DataStealth's defensive posture around AI-specific risks: prompt injection, training data leakage, model poisoning, and adversarial ML—aligned to NIST AI RMF, OWASP LLM/ML Top 10, and MITRE ATLAS

• Evaluate and prototype emerging patterns (agentic security workflows, RAG over telemetry, privacy-preserving inference) and make clear recommendations on what DataStealth adopts, builds, or rejects

Cloud, Platform & Operational Excellence

• Set architectural direction for cloud-native deployment across AWS, Azure, and GCP—resilience, observability, cost, multi-region, and regulated-workload patterns

• Define standards for CI/CD, container orchestration (Kubernetes/Docker), observability (Prometheus, Grafana, OpenTelemetry, ELK), and infrastructure-as-code (Terraform, Pulumi)

• Lead architectural decisions on event-driven backbones, data stores across paradigms, and high-throughput processing systems

Engineering Leadership & Culture

• Provide technical leadership to the Principal and Distinguished Engineer cohort who report to you—design review, architectural direction, unblocking, and craft development through RFCs, architecture guilds, and direct technical mentorship

• Work as a principal technical lead, not a traditional line manager—the executive team handles performance reviews, compensation, and the bulk of people-management load so you can stay deeply technical

• Drive AI-augmented engineering practices across the team—directing agentic AI coding tools (Claude Code, Copilot, Cursor, open-source agents) as disciplined engineering partners, setting the bar on review, testing, and production quality for AI-generated code

• Help hire, grow, and retain our most senior technical talent; raise the technical bar through mentorship, documentation, and visible engineering excellence

• Work cross-functionally with Product, Security, Customer Success, and executive leadership to translate the hardest customer problems into coherent technical strategy

What You Bring:

Required

• 15+ years of professional software engineering experience, with at least the last 5 in the most senior IC technical role at your organization (Chief Architect, Distinguished Engineer, Technical Fellow, Principal Architect, or equivalent)

• Demonstrated hands-on coding at the most senior level—you have shipped production code in a Chief Architect or Distinguished Engineer role, not just approved designs. Expect to discuss specific systems you personally built and projects you personally de-risked through experimental development

• Deep expertise in Java and JVM languages (required) plus at least two of TypeScript/Node.js, Golang, or Rust, with demonstrated ability to move fluently between them

• Deep experience building security products—data security, tokenization, encryption, key management, DLP, CASB, EDR, or equivalent. You are a strong applier of cryptography: you know which primitives, libraries, and patterns to use, have designed systems around key hierarchies and HSMs, and have shipped systems under PCI-DSS, SOC 2, or equivalent regulatory scrutiny. You do not need to be a cryptographer, but you must know how to build secure systems with crypto correctly

• Firsthand experience applying AI/ML to security problems in production—not AI-adjacent, not exploratory. You have designed and shipped at least one of: ML-based classification/detection, LLM-based analyst augmentation, agentic security automation, or adversarial ML defense. You have clear opinions on the current state of AI in the security product landscape and where it is going

• Proven ability to lead Principal and Distinguished Engineers through technical credibility rather than authority—RFCs, design reviews, exemplar code, and technical vision documents

• Comfort leading a small group of senior ICs as a technical lead in a shared-management model—light people-management load, high technical-leadership load

• Deep experience designing and operating distributed systems at production scale—resilience, observability, performance, multi-region, cost—including at least one major cloud provider at depth and working command of the others

• Track record of de-risking the hardest projects through applied research, prototyping, and experimental development

• Strong grasp of networking fundamentals (HTTP/S, TLS, SSH, DNS, TCP/IP), Linux systems, and how they compose in distributed systems

• Deliberate, quality-driven use of agentic AI coding tools (Claude Code, Copilot, Cursor, open-source agents) as an engineering force multiplier—with rigorous review, testing, and validation of all AI-generated code before production

• Comfort working in a hybrid environment (Mississauga office, 4 days/week)

Nice to Have:

• Experience as a technical founder or early technical leader at a security scale-up

• Experience with format-preserving encryption (FPE), tokenization vaults, and vaultless tokenization architectures as a consumer/integrator

• Contributions to open-source in security, data platforms, or AI

• Experience designing agentic AI systems in adversarial settings—tool use, multi-agent coordination, human-in-the-loop gating, prompt injection hardening

• Deep experience with event-driven architectures (Kafka, NATS) at scale

• Familiarity with MITRE ATLAS, NIST AI RMF, OWASP LLM/ML Top 10, and how they apply to security product architecture

• Public technical presence—conference talks, published papers, standards work, or technical writing that has influenced the field

• Familiarity with configuration-as-code systems (we use Groovy) and infrastructure-as-code at depth

• Cross-paradigm performance analysis experience (VisualVM/JProfiler, pprof, Chrome DevTools/V8 Profiler)—you can profile and fix the hardest production performance problems yourself

Why DataStealth:

• The most senior technical seat at a fast-growing, patented-technology security scale-up—real scope, real ownership, real code

• Solve hard problems that matter: your architecture and your code directly protect sensitive data for the world's largest enterprises

• Player-coach architect role: you lead the technical direction and you stay in the code

• Lean, shared-management model that keeps you deeply technical—PEs and DEs report to you for technical leadership, while executive leadership absorbs the performance-management load

• Polyglot engineering culture: choose the right tool for the job, not the only tool you know

• AI-forward engineering team that treats AI tools as force multipliers—not crutches

• Great Place to Work certified for five consecutive years with a team that is genuinely best-in-class

• Direct partnership with the CTO and executive team on multi-year technical strategy

Additional Information:

This posting is for an existing vacancy. We use artificial intelligence (AI) to screen, assess, and select applicants.

DataStealth is an equal opportunity employer. We encourage applications from candidates of all backgrounds and experiences.

We look forward to reviewing your application!