Staff Security Engineer

Posted Dec 23

Mattermost is an open source platform for secure collaboration across the entire software development lifecycle. Hundreds of thousands of developers around the globe trust Mattermost to increase their productivity by bringing together team communication, task and project management, and workflow orchestration into a unified platform for agile software development. 

Founded in 2016, Mattermost’s open source platform powers over 800,000 workspaces worldwide with the support of over 4,000 contributors from across the developer community. The company serves over 800 customers, including European Parliament, NASA, Nasdaq, Samsung, SAP, United States Air Force and Wealthfront, and is backed by world-class investors including Battery Ventures, Redpoint, S28 Capital, YC Continuity. To learn more, visit www.mattermost.com.


We value high impact work, ownership, self-awareness and being focused on customer success. If these values match who you are, we hope you'll learn more about working at Mattermost and apply!

Mattermost is seeking a result-driven and analytical Staff Security Engineer to help monitor, build, and maintain our company and SaaS security infrastructure along with processes across the company. As part of our Security team you will work closely with a globally distributed team to ensure the safety of our infrastructure and services.

You will be responsible for the implementation of additional security tooling, hardening, and/or processes across the company. Coordinating and collaborating with relevant stakeholders, gathering requirements, and leading implementation.

Responsibilities

  • Lead security projects to enhance security posture of infrastructure and company
  • Detect, respond to, and remediate security incidents
  • Development, review, and enforcement of company-wide security policies and processes
  • Ownership of company-wide IAM solution
  • Setup and maintenance of monitoring infrastructure
  • Setup and maintenance of incident response and forensic toolkit

Requirements

  • Bachelor's degree in Computer Science or related fields, or significant professional security experience
  • 4+ years of demonstrated experience in security engineering and incident response
  • Experience with security monitoring systems
  • Experience with security controls for cloud environments such as AWS, GCP and/or Azure
  • Experience with identity and access management
  • In-depth knowledge of Linux systems
  • Experience with Kubernetes and Docker
  • Experience with infrastructure automation and software delivery
  • Excellent written and verbal communication skills
  • Demonstrable teamwork skills and resourcefulness

Preferred Background/Skillset

  • Experience with certification processes such as SOC2, ISO 27000 series, FedRamp, etc.
  • Experience in one or more programming languages, ideally Go or Python
  • Certifications in the domain of penetration testing, incident response or computer forensics (e.g. OSCP, GCIH, GCFA, etc.)
  • Experience working in open source communities
  • Experience working with U.S. Federal Government and related security and compliance requirements
  • Ability to obtain security clearance

$180,000 - $280,000 a year

The pay range for this position at commencement of employment is expected to be between $180,000 and $280,000/year; however, pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. Please refer to the Mattermost employee handbook and our careers page for more information on our total compensation package.  Colorado Only: The total compensation package for this position may also include other elements, including a sign-on bonus, stock options, and discretionary awards in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as vacation, sick time, and parental leave), dependent on the position offered. Details of participation in these benefit plans will be provided if an employee receives an offer of employment. Washington Only: The total compensation package for this position also includes other elements, including stock options, annual target variable, and participation in the Company’s annual bonus program. Employees and eligible dependents are covered by medical, dental, vision, and basic life insurance. Employees are also eligible to enroll in a 401(k) plan. Employees are eligible for unlimited vacation.  

If hired, employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) or benefits at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

Mattermost is an EEO Employer. We are a remote-first company with staff living and working across the globe. We are currently hiring staff in these countries/regions:

Canada - Germany - Greece - India - Spain - United Kingdom - United States

We are constantly working towards adding more countries/regions to this list, but first we need to make sure we are compliant with local laws and regulations, which takes time. 

Mattermost is made up of people from a wide variety of backgrounds and lifestyles. We embrace diversity and invite applications from people from all walks of life. We don't discriminate against staff or applicants based on gender identity or expression, sexual orientation, race, religion, age, national origin, citizenship, disability, pregnancy status, veteran status, or any other differences. Also, if you have a disability, please let us know if there's any way we can make the interview process better for you; we're happy to accommodate!