Atlassian is a publicly-traded computer software business specializing in collaboration, development, and issue-tracking software for teams. As an employer, Atl
Head of Product Security
Location
Washington
Posted
11 hours ago
Salary
$244.3K - $384.2K / year
Seniority
Lead
Job Description
Head of Product Security
Atlassian
The Atlassian Security Team's purpose is to build trust. We seek to lead our peers in cloud and product security, meet all customer requirements and exceed requirements for industry security standards and certifications. Do you believe an organization should be open and transparent about its programs, processes, and metrics? We do. This is why we share our journey and encourage other cloud providers to do the same. We are looking for a Head of Product Security to partner with the broader Trust Organization and all of Atlassian, to shape our security posture, work across product teams, infrastructure organizations and security functions globally in a highly collaborative and engineering-driven environment to improve the security of both our Data Center and Cloud products, our infrastructure and our entire company. We are seeking an experienced and visionary security engineering leader who wants to join a team of highly talented security leaders and professionals who are revolutionizing the delivery of Atlassian platform to the world's most critical organizations in a secure way. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. This position requires strong cross-organizational leadership, communication skills, deep technical security knowledge and being very hands-on with product designs, threat modeling, security reviews, vulneability management and end-to-end security controls from a product and system infrasturcture perspective. Working at Atlassian Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. You will be expected to lead the organization that is responsible to: - Collaborate with cross functional teams to define various security controls and translate them for engineering implementation for the Atlassian prodiuct teams. - Develop and execute a comprehensive product security strategy that aligns with our core strategic objectives, and exceeds the high expectations set by our customers - Partner with product development teams to embed security best practices and considerations across the entire development lifecycle, ensuring that new features meet the highest trust standards - Collaborate with senior technical leadership across Atlassian infrastructure and IT teams to provide technical leadership to maintain compliance and adhere to different regulatory requirements. - Promote automation and drive our corporate teams to use the latest security tools, techniques and methodologies to build secure products by default. At Atlassian, we strive to design equitable, explainable, and competitive compensation programs. We follow consistent hiring practices and account for each candidate's skills, knowledge, and experience when setting base pay within the range. Please visit go.atlassian.com/payzones for more information on which locations are included in each of our geographic pay zones. However, please confirm the zone for your specific location with your recruiter. This role may also be eligible for benefits, bonuses, commissions, and equity. In The United States, we have three geographic pay zones. For this role, our current base pay ranges for new hires in each zone are: Zone A: $294,300 - $384,225 Zone B: $265,500 - $346,625 Zone C: $244,269 - $318,907 Your background: - At least 10+ years of multifaceted security leadership and management experience in a technology-centric company, including experience leading security teams of 0+ engineers and analysts in a globally distributed organization that services dozens of partners. - Expertise in threat modeling and the associated frameworks (e.g. STRIDE) coupled with the ability to lead and mentor across the organization on the key principles of threat modeling as well as risk assessment. - Understanding of compliance frameworks and their application to standards (e.g. SOC 2, HIPAA). Demonstrated ability to develop a strategic approach to streamline product security processes and capabilities. - Experience designing and deploying security controls across all security domains such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective and offensive security solutions. - Experience securing cloud based infrastructures; AWS, G-suite, Salesforce, etc - Experience leading highly complex, org wide security change programs - Outstanding interpersonal and communication skills including EQ, mentoring, coaching, collaborating, and team building; ability to influence both internally and externally, and to drive multi-functional alignment and action - Experience in planning and driving direction autonomously - both as a hands-on security engineer, and as a leader - Maintain an area of core strength in one or more security infrastructure disciplines where you can lead through your expertise - Understanding regulatory requirements and controls such as GDPR, SOX , SOC 2, FedRAMP etc. - Track-record in working effectively with scaled systems and different methods for maintaining a security posture - Comfort in the level and speed of learning and ambiguity needed to navigate fast-evolving fields like AI - Excellent oral and written communications skills and experience interacting with both business and Development/Engineering individuals at all levels including the executive level Benefits & Perks Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit go.atlassian.com/perksandbenefits . About Atlassian At Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together. We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines. To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them. To learn more about our culture and hiring process, visit go.atlassian.com/crh . In line with local law, identity verification (which may include use of biometric data) is a condition of employment with Atlassian for employment fraud purposes.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Security Engineer – Elastic SIEM, Detection Engineering
AcronisNatively integrated, highly efficient cyber protection.
• Own and optimize the Elastic Security platform (Elasticsearch, Kibana, Fleet, Logstash, Elastic Agents) • Design and maintain ingestion pipelines for cloud, endpoint, network, and application telemetry • Improve telemetry quality, data retention, performance, and investigation workflows • Integrate SIEM workflows with SOAR and automation tooling • Build and maintain a Detection-as-Code pipeline using Git-based workflows and CI/CD automation • Develop, test, tune, and maintain high-fidelity detections using Elastic Security, EQL, and KQL • Reduce alert noise through tuning, enrichment, suppression, and exception handling • Map detections to MITRE ATT&CK and drive detection coverage strategy • Assist with complex alert escalations and perform initial incident scoping • Translate incident learnings into improved detections and telemetry coverage • Partner with other teams to improve logging and visibility
• Run our GRC program — then automate it. • Own how customer data moves through our stack. • Be the security gate for new tools and vendors. • Make Close best-in-class at communicating trustworthiness. • Coordinate product security audits. • Investigate and clean up security incidents. • Own our identity and device security. • Run our employee security program.
Role Description This role is responsible for identifying, attracting, and securing top-tier talent for highly specialized positions within Cyber Security and IT industry. It requires a deep understanding of the Cyber Security and IT industry landscape, including key industry players, emerging technologies, and critical skill sets. Success in this position depends on strategic networking, leveraging diverse recruitment methodologies, and building strong relationships with both candidates and hiring managers to facilitate a seamless hiring process. This role will report to the client Delivery Manager and/or Director depending on the account type. Location: Remote Responsibilities - Full-cycle recruitment management for specialized technical and niche roles, overseeing the process from requisition intake to offer negotiation and onboarding. - Development and execution of innovative sourcing strategies to engage passive candidates with specialized skill sets, utilizing industry-specific job boards, professional networks, conferences, and referrals. - Deep industry expertise in Cyber Security and IT industry, maintaining knowledge of key companies, competitive landscape, emerging technologies, and critical skill sets while acting as a subject matter expert. - Leverage expertise, market knowledge, and insights to build trust and strong relationships with hiring managers and candidates, ensuring a positive, professional recruitment experience. - Collaboration with hiring managers to understand hiring needs, provide market insights, and develop tailored recruitment strategies. - Thorough screening and assessment of candidates through technical and behavioral interviews, utilizing appropriate assessment tools. - Offer negotiation management, ensuring competitive and attractive compensation packages. - Accurate data management and tracking of key recruitment metrics within the Applicant Tracking System (ATS). - Continuous market research on industry trends, competitor activities, and compensation benchmarks to refine recruitment strategies. - Support for employer branding efforts by representing the company at industry events and online forums. Qualifications - Bachelor’s degree in human resources, Business Administration, or a related field preferred or experience equivalent. - At least 3+ years in full-cycle recruitment of successfully placing candidates in specialized technical or niche industry. - Deep understanding of the Cyber Security and IT industry, including key players, technologies, and skill sets. - Possess executive-level experience with a strong focus on executive search, including sourcing, engaging, and hiring senior leaders. - Demonstrated ability to partner with top-level executives, understand complex business needs, and deliver high-quality talent solutions aligned with organizational goals. - Proficiency with Applicant Tracking Systems (ATS), LinkedIn Recruiter, and other sourcing tools. - Demonstrated ability to develop and execute effective sourcing strategies, including passive candidate sourcing. - Excellent verbal and written communication skills for effective interaction with candidates, hiring managers, and stakeholders. - Possess strong business acumen. - Strong interpersonal skills with the ability to build and maintain relationships. - Creative and strategic problem-solving abilities to address recruitment challenges. - Strong organizational skills with the ability to manage multiple requisitions simultaneously. - Must be 18 years of age or older. Requirements - Salary Range: $31.59 - $44.23 per hour, depending on experience and geographic location. - Please note that actual compensation offered may vary based on local pay requirements and will meet or exceed state-specific minimum wage or salary thresholds. Benefits - Employees and their eligible dependents are offered Medical/Dental/Vision insurance and short term disability, in addition to other programs. - Up to 10 days Paid Time Off per year.
Principal Information Security Engineer - Blockchain Technology
MastercardFounded in 1966, Mastercard is a worldwide transaction, payment-processing, and consulting company best known for its line of personal and business credit cards. As an employer, Ma
Our Purpose Mastercard powers economies and empowers people in 200+ countries and territories worldwide. Together with our customers, we're helping build a sustainable economy where everyone can prosper. We support a wide range of digital payments choices, making transactions secure, simple, smart and accessible. Our technology and innovation, partnerships and networks combine to deliver a unique set of products and services that help people, businesses and governments realize their greatest potential. Title and Summary Principal Information Security Engineer - Blockchain Technology Who is Mastercard? Mastercard is a global technology company in the payments industry. Our mission is to connect and power an inclusive, digital economy that benefits everyone, everywhere by making transactions safe, simple, smart, and accessible. Using secure data and networks, partnerships and passion, our innovations and solutions help individuals, financial institutions, governments, and businesses realize their greatest potential. Our decency quotient, or DQ, drives our culture and everything we do inside and outside of our company. With connections across more than 210 countries and territories, we are building a sustainable world that unlocks priceless possibilities for all. Mission First, People Always As Corporate Security, we are responsible for keeping Mastercard safe and secure from cyber and physical threats, and it is our people on the frontlines who make this happen every day. By taking care of our people, their wellbeing, and career development, we provide them the necessary tools and environment to ensure the success of our mission. Overview Mastercard is seeking a Principal Information Security Engineer to support Mastercard's Crypto Products and Solutions Blockchain Networks platforms. This role is ideal for a security leader who thrives in fast moving, high availability environments and is passionate about building secure, scalable, and resilient payment ecosystems. You will drive the security roadmap for the Crypto Products and Solutions Blockchain Networks program, partnering closely with engineering, product, and global business teams to ensure our blockchain services meet the highest standards of security, compliance, and customer trust. You will influence architecture, guide security-by-design practices, and help shape the future of Mastercard's international payment capabilities. Role As a Principal Information Security Engineer supporting Crypto Products and Solutions Blockchain Networks, you will: Security Architecture & Strategy• Influence and implement security requirements, standards, and architectural patterns for large scale, Crypto Products and Solutions Blockchain Networks platforms.• Define platform level security architecture and drive execution of long term security strategy for Crypto Products and Solutions Blockchain Networks.• Lead threat modelling, risk assessments, and security design reviews for high velocity, high availability systems. Engineering & Delivery• Support the design, testing, and implementation of complex security solutions aligned with regulatory, operational, and customer requirements.• Identify risks and propose compensating controls tailored to blockchain transaction flows and blockchain environments.• Partner with engineering teams to embed security into CI/CD pipelines, APIs, cloud services, and blockchain processing components. Leadership & Influence• Serve as a trusted advisor to engineering and business leaders across Crypto Products and Solutions Blockchain Networks programs.• Apply deep technical expertise to mentor and develop junior engineers and security practitioners.• Provide input into performance evaluations for team members and emerging talent. Stakeholder Engagement• Build and maintain strong relationships with business owners, product teams, engineers, project managers, customers, and senior leadership.• Translate security concepts into actionable guidance for diverse technical and non technical audiences.• Represent Corporate Security in Crypto Products and Solutions Blockchain Networks initiatives, regulatory discussions, and cross functional working groups. All About You You are an experienced security leader with a passion for enabling secure, blockchain services. You bring: Technical & Leadership Experience• Undergraduate degree preferably in computer science/information security or work experience equivalent of 10-15 years in information security disciplines.• Extensive IT experience demonstrating thought leadership and cross functional influence.• Proven success enabling business outcomes through strong technical decision making.• Experience influencing project teams and collaborating with business partners, vendors, and consulting organisations.• Excellent communication skills, with the ability to influence, negotiate, and drive alignment across global teams.• CISSP/CISM or industry recognised security certification an advantage. Security Engineering Expertise• Strong background in information security engineering, including risk identification and compensating control design. • Knowledge of blockchain security principles and ability to reflect them as security requirements• Strong understanding of cryptography concepts e.g. symmetric/asymmetric encryption, hashing, digital signatures, including their application in blockchain technologies• Experience supporting or securing blockchain solutions, is highly beneficial.• Experience in Secure-SDLC processes and their support across development teams highly beneficial Risk & Compliance Framework Expertise• Demonstrated experience working with risk based security and compliance frameworks, including SOC 2, PCI DSS, DORA, and the Cyber Risk Institute CRI profiles, or other relevant regulatory or industry standards.• Ability to understand, interpret and apply security related frameworks across complex technology environments.• Experience collaborating with audit, compliance, and regulatory teams to ensure alignment between security controls, business processes, and external obligations.• Proven capability to assess control effectiveness, identify gaps, and drive remediation strategies that balance security, operational efficiency, and business needs. Corporate Security Responsibility Every person working for, or on behalf of, Mastercard is responsible for information security. All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and therefore, it is expected that the successful candidate for this position must: • Abide by Mastercard's security policies and practices;• Ensure the confidentiality and integrity of the information being accessed;• Report any suspected information security violation or breach, and • Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines. Corporate Security Responsibility All activities involving access to Mastercard assets, information, and networks comes with an inherent risk to the organization and, therefore, it is expected that every person working for, or on behalf of, Mastercard is responsible for information security and must: - Abide by Mastercard's security policies and practices; - Ensure the confidentiality and integrity of the information being accessed; - Report any suspected information security violation or breach, and - Complete all periodic mandatory security trainings in accordance with Mastercard's guidelines.



