Distinguished Engineer Security Architecture
United States
Applications have closed
GoDaddy
Die Komplettlösung für das Wachstum im Internet. Wer jetzt den kostenlosen Testzeitraum beginnt, kann eine elegante Website gestalten, einen Domainnamen erwerben, schnelles Hosting erhalten, unser Online-Marketing ausprobieren und erhält...Location Details: USA Remote
At GoDaddy the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely.
This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.
This position is not eligible to be performed in Alaska, Colorado, Mississippi, North Dakota, or the Virgin Islands.
Join our team...
GoDaddy is currently seeking a highly motivated and accomplished Distinguished Security Engineer to join our team. This individual will play a crucial role in our global mission to seamlessly integrate security measures across all our business units.
A Distinguished Security Engineer, in the GoDaddy Information Security division, leads all aspects of, driving, and establishing our multi-year security strategy to integrate security across our business units. Holding core accountability for establishing strategy and security architecture standards and security of our core networks, infrastructure, and cloud assets.
What you'll get to do...
- Establish cyber security capabilities to securely architect, design, audit and scale networks, systems, infrastructure and cloud assets serving GoDaddy customers
- Develop, coach, and mentor Engineers and growth leaders, while closely collaborating with product/program managers, other engineering leaders and business partners
- Be responsible for developing our enterprise security architecture program to establish strategy and standards to ensure security of distributed global data centers, networks, and infrastructure assets
- Identify standards and frameworks to audit design and deployment patterns across the company to identify and address weaknesses to protect against emerging threats
- Operationalize Architectural Risk Assessments and Design Reviews of large-scale systems, ensuing secure and consistent adoption of security design and architecture standards
- Perform and coordinate reoccurring security tests and gap assessments to benchmark security capabilities of our core systems
- Drive program management activities to establish effective delivery and execution of assessments, reviews, and audits
- Establish security standards and requirements to embrace new and emerging technologies and platforms
- Partner with business stakeholders to help define and prioritize security initiatives and investments
- Create evaluation methods and performance indicators to measure efficiency of our security functions and capabilities
- Operationalize continuous testing and validation of security controls
- Partner with internal and external audit teams to drive gap assessments, cyber security audits and other audit functions required to support the organization
- Partner closely with Finance, Operation, IT, executive management, and key product leaders to build a shared vision
- Collaborate with business partners to help define and prioritize security initiatives and investments
Your experience should include...
- 10+ years consistent track record in cyber security engineering or related fields with a focus on security architecture, secure design patterns, network security and infrastructure security
- Experience establishing and scaling security architecture program, strategy, goals, and targets
- Hands on expertise in architectural risk assessment and threat modeling
- Track record in designing and operationalizing multi-tier architecture patterns to secure assets across physical and cloud infrastructure
- Prior experience integrating security detection and defensive tools and capabilities into security architecture patterns to improve mean time to detection and response
- Able to establish network segmentation requirements to segment workloads and assets based on functional capabilities, exposure, asset criticality and recovery time objectives
- Expertise is designing policy enforcement points and controls like firewalls, IPS and deploying intrusion detection systems at scale
- Strong prior experience in security audits and reviews of firewall rules, access control lists, WAF rule sets etc.
- Experience establishing security transparency and monitoring capabilities to gain end to end awareness into network and system level connectivity
- Validated experience developing anomaly detection models and rules to detect and prevent threats like lateral movement, insider threats and other emerging threats
- Able to architect and securely deploy large scale systems in public cloud (AWS, GCP) infrastructure
- Experience driving and supporting security audits and certifications including PCI DSS, ISO 2700, SOC 2 etc
- Able to lead and coordinate offensive security testing, including penetration testing and red team exercises
- Excellent written and verbal technical interpersonal skills, able to present sophisticated technical information in a clear and concise manner to a variety of audiences
You might also have...
- Bachelor’s degree in information security, Computer Science, or related field
- Master’s degree in information security
- Validated experience integrating security capabilities into business units to drive and tackle business specific challenges
- Agile, used to working in a fast-paced environment, with minimal process and maximum productivity
- Validated project management experience, familiar with working on multi-functional projects
- Proven track record of project delivery for large, multi-functional projects with evolving requirements
- Proven ability to lead and mentor other managers and security engineers whilst building and maintaining high agility and high morale
We've got your back... We offer a range of benefits that may include paid time off, retirement savings (e.g., 401k, pension schemes), incentive eligibility, equity grants, participation in an employee stock purchase plan, and other family-friendly benefits including parental leave. GoDaddy’s benefits vary based on individual role and location and can be reviewed in more detail during the interview process.
We also embrace our diverse culture and offer a range of Employee Resource Groups (Culture). Have a side hustle? No problem. We love entrepreneurs! Most importantly, come as you are and make your own way.
About us... GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us.
At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that’s not enough to build true equity and belonging in our communities. That’s why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day—focusing not only on our employee experience, but also our customer experience and operations. It’s the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page.
GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy.
Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to myrecruiter@godaddy.com.
GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Audits AWS Cloud Computer Science Finance Firewalls GCP Intrusion detection IPS Monitoring Network security Offensive security PCI DSS Pentesting Red team Risk assessment Security strategy SOC SOC 2 Strategy
Perks/benefits: 401(k) matching Career development Equity / stock options Parental leave Startup environment Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.