Senior Security GRC Engineer

Overview

The Senior Security GRC Engineer at Atlassian will be instrumental in implementing and managing the company's security risk and governance strategy. This role requires a deep understanding of cybersecurity and risk management, as well as the ability to collaborate with various stakeholders within Atlassian including but not limited to Security, Engineering, Risk and Compliance teams.

The Senior Security GRC Engineer plays a key role in maintaining Atlassian's strong security posture, managing security risks and supporting leadership in making risk-informed decisions. The engineer should understand the business deeply and collaborate with different teams to ensure that security is integrated into all aspects of the organization.

Responsibilities

• Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default. Drive technical solutions in security and risk management.

• Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data. Utilize visualization tools to present complex security metrics and trends in an understandable manner, aiding strategic decision-making and enhancing the organization's security posture.

• Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes, equipping teams with the necessary resources to build secure products by default.

• Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security, and developing comprehensive strategies to address them effectively.

• Collaborate with product security teams, implementing security controls and best practices to ensure a cohesive approach to risk management.

• Regularly evaluate and report, assessing the effectiveness of security controls to ensure continuous improvement and rapid adaptation to the latest cybersecurity developments.

• Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives, ensuring security risk considerations are integrated into product development decisions.

• Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements to ensure Atlassian's security practices and controls remain compliant and mitigate potential legal and reputational risks.

Qualifications

• 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment

• Expertise and experience working in security-focused roles

• Experience with application security, especially web applications

• Experience in cloud security architecture and infrastructure

• Experience providing SME knowledge and guidance to stakeholders and engineering functions

• Experience working with internal/external audit and leadership teams.

• Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks

• Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way

• Relevant certifications such as CISSP, CISM, or CRISC would be beneficial

• Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)

Our perks & benefits

Atlassian offers a variety of perks and benefits to support you, your family and to help you engage with your local community. Our offerings include health coverage, paid volunteer days, wellness resources, and so much more. Visit go.atlassian.com/perksandbenefits to learn more.

About Atlassian

At Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together.

We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.

To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them.

To learn more about our culture and hiring process, visit go.atlassian.com/crh.