Senior Security Engineer

Mattermost is hiring a Senior Security Engineer to play a key role in safeguarding our company, SaaS platforms, and IT infrastructure. As a vital member of our Security team, you'll collaborate with a globally distributed group of top talent to design, monitor, and implement security processes that ensure the resilience of our services. Join us to take your career to the next level while shaping the future of secure platforms in a fast-paced, innovative environment!

You will be responsible for the implementation of additional security tooling, hardening, and/or processes across the company. Coordinating and collaborating with relevant stakeholders, gathering requirements, and leading implementation. 

Responsibilities include:

• Lead security and IT projects to enhance security posture of infrastructure and company
• Detect, respond to, and remediate security incidents
• Contribute to the development, review, and enforcement of company-wide security policies and processes
• Administration of company-wide IAM solution
• Administration of security monitoring infrastructure
• Contribute to growing our security incident response, forensic, and endpoint management programs
• Engage closely with North American and international staff.
• Partner with Engineering teams to assist and mitigate risks related to AI-enabled tools, services, and workflows.
• Explore and implement AI and automation workflows as part of detection, analysis, and response processes.

Required Background/Skill

• Bachelor's degree in Computer Science or related fields, or significant professional security experience
• 3+ years of demonstrated experience in security engineering and incident response
• Experience with security monitoring systems
• Experience with security controls for cloud environments such as AWS, GCP and/or Azure
• Curiosity and practical experience evaluating security implications of AI systems, automation, or AI-assisted workflows
• Experience with identity and access management
• In-depth knowledge of Linux systems
• Experience with Kubernetes and Docker
• Experience with infrastructure automation and software delivery. 
• Excellent written and verbal communication skills
• Demonstrable teamwork skills and resourcefulness
• Experience managing security of Microsoft 365 and Google Workspace tenants.
• Applicants must meet eligibility requirements for access to export-controlled information as defined by U.S. export control laws, including EAR and ITAR.

Preferred Background/Skill

• Experience with certification processes such as SOC2, ISO 27000 series, FedRamp, etc.
• Experience in one or more programming languages, ideally Go or Python
• Certifications in the domain of penetration testing, incident response or computer forensics (e.g. OSCP, GCIH, GCFA, etc.)
• Experience working in open-source communities
• Past success in critical infrastructure industries including defense, cybersecurity, communications, manufacturing, or other vital functions.
• Experience managing endpoint security for a fully remote organization

Mattermost takes a market-based approach to pay and pay may vary depending on your location. The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.