Principal Product Security Engineer
The Security team's goal is to ensure that Atlassian products and services are safe. We're looking for a Principal Security Engineer to join our team who values working with development teams to secure their products across the software development lifecycle.
- As Principal, you will be the Technical SME - accelerate vulnerability remediation and promote automation; review platform, service designs, and architecture in order to drive our security teams to equip the engineering teams with the latest tools, techniques and methodologies to build secure products by default.
- You will partner with other security teams and leadership groups across Atlassian's vast footprint to uplift our security programs, and reduce risk exposure
- You have an interest in working with colleagues to understand our products and improve existing security infrastructure and processes
- We build many of our own tools, so having an understanding of how to develop software is valuable. Most of the code we work with is in Java, Python, or Go.
Compensation
At Atlassian, we strive to design equitable, explainable, and competitive compensation programs. To support this goal, the baseline of our range is higher than that of the typical market range, but in turn we expect to hire most candidates near this baseline. Base pay within the range is ultimately determined by a candidate's skills, expertise, or experience. In the United States, we have three geographic pay zones. For this role, our current base pay ranges for new hires in each zone are:
Zone A: $205,800 - $274,400
Zone B: $185,200 - $246,900
Zone C: $170,800 - $227,700
This role may also be eligible for benefits, bonuses, commissions, and equity.
Please visit go.atlassian.com/payzones for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter.
- Demonstrated expertise working in security-focused roles;
- In-depth experience with application security, especially web applications;
- Significant experience in cloud security architecture and infrastructure;
- Experience in vulnerability management, and accelerating vulnerability remediation in particular
- Proficiency in Python, Golang, or Java, and driving security-related engineering
- Strong organizational and interpersonal skills;
- Experience leading large-scale projects from start to finish and mentoring other security practitioners;
- Adept experience providing domain knowledge and guidance to stakeholders and engineering functions
It would be great, but not required if you have
- CVE's to your name
- Contributions to open-source security software
- Delivered industry presentations
- Certifications: OSCP, OSCE, OSWE, CREST CRT, GPEN
- Experience in large-scale cloud business (e.g. SaaS companies)
- Comfortable operating in and reviewing modern cloud technologies from providers such as AWS, Azure and GCP