Job Closed
This listing is no longer active.
GoDaddy is a web services platform that helps individuals and businesses worldwide start, grow, and manage their online presence. GoDaddy employs team members across North America,
Principal Security Engineer - GRC
Location
United States
Posted
21 days ago
Salary
0
Seniority
Lead
Job Description
Principal Security Engineer - GRC
GoDaddy
Role Description Join our team as an Information Security Leader at GoDaddy. We help solve large-scale and cross-company issues while ensuring that partnership with the development and operational communities remains front of mind. GoDaddy is looking for a Principal Risk Engineer with: - Security risk management experience - Technical depth - Strong leadership abilities - Experience building and performing information security audits and gap assessments You must be comfortable: - Communicating with internal teams and external auditors - Designing and leading security campaigns - Prioritizing the resolution of audit findings while applying a risk-based approach As a team, we will help: - Identify any gaps in security control implementation - Design solutions to manage security risks at scale - Provide the information needed to make risk-based decisions and planning What you'll get to do: - Build and manage a Security Controls framework that encompasses the regulatory and industry compliance frameworks we follow - Perform targeted gap assessments to identify any deviations from the control framework - Propose and manage enterprise-wide security campaigns for managing deviations to reduce risk - Partner with other InfoSec teams and Engineering teams to define and prioritize security initiatives and investments guided by risk assessment principles - Align risk management initiatives with applicable compliance regulations Qualifications - 10+ years of professional experience in Information Security or related fields such as Information Technology, IT Audit, etc. - 6+ years of dynamic experience managing programs related to information security and information security audits - Experience building unified security controls frameworks - Experience managing audits applying compliance frameworks such as PCI DSS, NIST CSF, NIST 800-53, ISO, SOC-2 etc. - Executive reporting on the status of security programs and campaigns - Experience in Security Engineering concepts such as Threat modeling and architecture reviews - Experience with auditing cloud infrastructure such as AWS Requirements - A bachelor’s degree in computer science or related field - Certifications like PCI ISA, CISA, CRISC, ISO Lead Assessor, CISSP, etc. - Experience working at a Big 4 Audit firm(s) Benefits - Paid time off - Retirement savings (e.g., 401k, pension schemes) - Bonus/incentive eligibility - Equity grants - Participation in our employee stock purchase plan - Competitive health benefits - Family-friendly benefits including parental leave Company Description GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences, and perspectives. GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Engage in a 45-minute AI-moderated video interview. • Discuss your professional experiences with security and monitoring systems. • Provide constructive feedback on current technology solutions. • Share insights on future needs and challenges in operational security.
Senior Application Security Engineer
Felix Technologies, Inc.At Félix, we're building the financial ecosystem for Latin immigrants in the U.S., starting with a revolution in remittances. Our core product is an AI-powered chatbot built on WhatsApp, allowing our users to send money home as easily as sending a text message. We leverage cutting-edge technology like AI, blockchain, and stablecoins to make cross-border payments faster, more affordable, and more accessible than ever before. We are a hyper-growth Series B company, backed by over $100 million in funding from top-tier global investors, including QED, Castle Island, Switch Ventures, HTwenty, Monashees, and General Catalyst Customer Value Fund. This isn't just about the numbers; it's a testament to the trust our investors have in our vision and our team. Additionally, Félix was selected as an “Endeavour Entrepreneur” and was a recipient of the CrossTech Fintech Startups Award. We are a group of extremely talented and dedicated high-performers, united by our shared obsession with a single goal: empowering our customers. Joining Félix means you will be part of a team building a legacy, a company that will outlive us all. This is a rare opportunity to apply your skills to a deeply meaningful mission—serving a community that has been underserved for too long. We are a team that is fiercely loyal to each other, where radical transparency and constructive feedback are how we grow and push for excellence. We are bold, we care less about what others are doing, and more about creating sustainable value and a product that truly makes our users' lives better. We are building the future, today.
Role Description Félix is looking for a Senior Application Security Engineer to help scale the security of our software development lifecycle in a fast-growing, cloud-native fintech platform. This is a hands-on role focused on embedding security across CI/CD pipelines and developer workflows. You will work closely with SecOps and engineering teams to ensure that security controls are integrated early in the development process, enabling teams to ship secure code quickly and confidently. Your mission is to ensure that application security is consistently integrated into Félix’s SDLC, strengthening our overall security posture while supporting rapid product development. Responsibilities - Build and Automate Secure CI/CD Pipelines: Design, implement, and maintain security controls within our GitHub Actions CI/CD pipelines. - Drive Vulnerability Management: Take ownership of our vulnerability management program using platforms like DefectDojo. - Champion Secure Development: Act as a security subject matter expert for our product engineering teams. - Coordinate Security Assessments: Manage and support internal and external penetration testing engagements. - Develop Security Standards: Help define and document foundational security requirements for source code management. - Support Compliance Initiatives: Partner with our GRC function to implement necessary application security controls. Qualifications - Proven experience as an Application Security Engineer, Product Security Engineer, or in a similar role. - Hands-on experience building, securing, and operating CI/CD pipelines, preferably with GitHub Actions. - Strong proficiency with security scanning tools (e.g., SAST, DAST, SCA, secret scanning). - Proficiency in a scripting or programming language, with a strong preference for Python. - Deep understanding of web application vulnerabilities, secure architecture principles, and the OWASP Top 10. - Experience working with cloud-native technologies and environments (GCP, Kubernetes/GKE, Docker). - Experience in a regulated industry (Fintech, Healthcare, etc.) and familiarity with compliance frameworks like SOC 2 and PCI DSS. - Experience with Infrastructure-as-Code tools like Terraform and related security scanners (e.g., Checkov). - Familiarity with vulnerability management platforms like DefectDojo. Requirements - These are the applicable requisites, although equivalent competencies in any of the above will also be considered. Benefits - Competitive salary - Initial stock options grant - Annual performance bonus - Health, dental, and vision plans - Remote work environment, although we have offices in Miami and México City. - Continuous learning opportunities - Unlimited PTO - Paid parental leave - Empowering opportunities for growth in a dynamic entrepreneurial environment Equal Opportunity Employer At Félix, we are committed to providing equal employment opportunities to all qualified employees and applicants without regard to race, religion, nationality, sex, sexual orientation, gender identity, age, or disability.
Enterprise Security Trust Program Manager
SnowflakeSnowflake delivers the AI Data Cloud to help organizations share data, build apps and power their business with AI.
• Develop understanding of regulated industry compliance requirements as they apply to Snowflake. • Establish programs to manage Snowflake’s compliance posture with those regulations, including ensuring readiness, how we communicate that posture externally, and leading customer or regulator audits of the same. • Become an expert on Snowflake’s control environment, security features and best practices for customer deployment. • Respond to customer inquiries about Snowflake’s security and compliance obligations and lean into how we can enable customers and field personnel to increasingly self-serve. • Become a trusted advisor, facilitator and respond to customer and regulatory inquiries about Snowflake’s security and compliance obligations and documentation. • Participate in sales calls to discuss Snowflake's security and compliance capabilities.
• Manage and conduct advisory assignments in the field of cybersecurity and compliance • Guide and conduct evaluations based on recognized control frameworks or specific frameworks used by Bureau Veritas Cybersecurity • Assist organizations in implementing ISMS and CSMS in accordance with relevant standards • Actively contribute to the development of knowledge and services • Support key clients with coordination across multiple stakeholders
