Senior Security Engineer (Remote)

Mattermost provides secure, workflow-centric collaboration for technical and operational teams that need to meet nation-state-level security and trust requirements. We serve technology, public sector, national defense, and financial services industries with customers ranging from tech giants to the world’s largest banks, to the U.S. Department of Defense and governmental agencies around the world.

Our self-hosted and cloud offerings provide integrated workflow automation, AI-acceleration, ChatOps with team messaging, audio calling and screen share on an open core platform vetted and deployed by the world’s most secure and mission critical organizations.

We co-build the future of collaboration with over 4,000 open source project contributors who’ve provided over 30,000 code improvements towards our shared product vision, which is translated into 20 languages.To learn more, visit www.mattermost.com

Mattermost is seeking a result-driven and analytical Senior Security Engineer to help monitor, build, and maintain our company and SaaS security infrastructure along with processes across the company. As part of our Security team you will work closely with a globally distributed team to ensure the safety of our infrastructure and services.

You will be responsible for the implementation of additional security tooling, hardening, and/or processes across the company; coordinating and collaborating with relevant stakeholders, gathering requirements, and leading implementation.

Responsibilities

• Lead security projects to enhance security posture of infrastructure and company
• Detect, respond to, and remediate security incidents
• Development, review, and enforcement of company-wide security policies and processes
• Ownership of company-wide IAM solution
• Setup and maintenance of monitoring infrastructure
• Setup and maintenance of incident response and forensic toolkit

Required Background/Skills

• Bachelor's degree in Computer Science or related fields, or significant professional security experience
• 3+ years of demonstrated experience in security engineering and incident response
• Experience with security monitoring systems
• Experience with security controls for cloud environments such as Azure and AWS.
• Experience with identity and access management
• In-depth knowledge of Linux systems
• Experience with Kubernetes and Docker
• Experience with infrastructure automation and software delivery.
• Excellent written and verbal communication skills
• Demonstrable teamwork skills and resourcefulness

Preferred Background/Skills

• Experience with certification processes such as SOC2, ISO 27000 series
• Experience in one or more programming languages, ideally Go or Python
• Certifications in the domain of penetration testing, incident response or computer forensics (e.g. OSCP, GCIH, GCFA, etc.)
• Past success in critical infrastructure industries including defense, cybersecurity, communications, manufacturing, or other vital functions.
• Experience managing Microsoft 365