Senior Application Security Engineer

Atlassian can hire people in any country where we have a legal entity, assuming candidates have eligible working rights and a sufficient timezone overlap with their team. As our offices re-open, Atlassians can choose to work remotely or return to an office, unless it’s necessary for the role to be performed in the office. Interviews and onboarding are conducted virtually, a part of being a distributed-first company.
JOB DUTIES:ENSURE SECURITY (CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY) OF COMPANY’S INTERNAL SOFTWARE SERVICES AND EXTERNAL SOFTWARE PRODUCTS. PRACTICE THREAT MODELING, ARCHITECTURE/DESIGN REVIEW, STATIC ANALYSIS, AND PENETRATION TESTING TO ACHIEVE THESE OBJECTIVES. PERFORM DESIGN REVIEWS, CODE REVIEWS, AND THREAT MODELING. WORK CLOSELY WITH DEVELOPMENT TEAMS AT EACH STAGE OF THE SOFTWARE DEVELOPMENT LIFECYCLE TO INCORPORATE SECURE DESIGN, DELIVER SECURE CODE, IDENTIFY VULNERABILITIES, AND DELIVER REMEDIATION. SERVE AS SUBJECT MATTER EXPERT FOR ANY CLIENT COMPANY WITH SECURITY QUESTIONS. WORK WITH COMPANY’S SUPPORT TEAMS TO ADDRESS CUSTOMER SECURITY CONCERNS AND REPORTS. WRITE AUTOMATION TO CONTINUOUSLY TEST COMPANY’S PRODUCTS/INFRASTRUCTURE AND IDENTIFY NEW VULNERABILITIES AND TO ALLOW THE SECURITY TEAM TO FUNCTION MORE EFFICIENTLY. COLLABORATE CLOSELY WITH ALL ENGINEERING GROUPS. WORK IN CONJUNCTION WITH THE SECURITY INTELLIGENCE TEAM TO INVESTIGATE THE ROOT CAUSE OF SECURITY INCIDENTS. RECEIVE, TRIAGE, AND RESPOND TO VULNERABILITY REPORTS FROM THE PUBLIC AND VIA COMPANY’S BUG BOUNTY. WRITE NEW CODE PRIMARILY UTILIZING JAVA OR PYTHON TO PRODUCE UNIQUE AND PROPRIETARY SOFTWARE. PERFORM SOURCE CODE AUDITING FOR JAVA, SCALA, AND PYTHON LANGUAGES, COMPLETE WEB SCANNING, AND UTILIZE CUSTOM AND COMMERCIAL TOOLS. CONDUCT INDEPENDENT RESEARCH RELATED TO SECURITY ENGINEERING.
MINIMUM REQUIREMENTS:MASTER’S DEGREE IN COMPUTER SCIENCE, COMPUTER ENGINEERING, INFORMATION TECHNOLOGY OR COMPUTER SECURITY AND TWO (2) YEARS OF EXPERIENCE IN APPLICATION/PRODUCT SECURITY ENGINEERING AND BUILDING SECURITY PROGRAMS INCLUDING TWO (2) YEARS OF EXPERIENCE IN SECURITY MODELS, SECURITY ARCHITECTURE AND INFRASTRUCTURE, AND CODING IN JAVA, PYTHON OR GO.
ALTERNATE REQUIREMENTS:BACHELOR’S DEGREE IN COMPUTER SCIENCE, COMPUTER ENGINEERING, INFORMATION TECHNOLOGY OR COMPUTER SECURITY AND FIVE (5) YEARS OF EXPERIENCE IN APPLICATION/PRODUCT SECURITY ENGINEERING AND BUILDING SECURITY PROGRAMS INCLUDING FIVE (5) YEARS OF EXPERIENCE IN SECURITY MODELS, SECURITY ARCHITECTURE AND INFRASTRUCTURE, AND CODING IN JAVA, PYTHON OR GO.
SPECIAL REQUIREMENTS: MUST PASS TECHNICAL INTERVIEW.More about our benefits
Whether you work in an office or a distributed team, Atlassian is highly collaborative and yes, fun! To support you at work (and play) we offer some fantastic perks: ample time off to relax and recharge, flexible working options, five paid volunteer days a year for your favourite cause, an annual allowance to support your learning & growth, unique ShipIt days, a company paid trip after five years and lots more.
More about Atlassian
Creating software that empowers everyone from small startups to the who’s who of tech is why we’re here. We build tools like Jira, Confluence, Bitbucket, and Trello to help teams across the world become more nimble, creative, and aligned—collaboration is the heart of every product we dream of at Atlassian. From Amsterdam and Austin, to Sydney and San Francisco, we’re looking for people who want to write the future and who believe that we can accomplish so much more together than apart. At Atlassian, we’re committed to an environment where everyone has the autonomy and freedom to thrive, as well as the support of like-minded colleagues who are motivated by a common goal to: Unleash the potential of every team.
Additional Information
We believe that the unique contributions of all Atlassians is the driver of our success. To make sure that our products and culture continue to incorporate everyone's perspectives and experience we never discriminate on the basis of race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status.
All your information will be kept confidential according to EEO guidelines.
If your experience looks a little different from what we’ve identified and you think you can rock the role, we’d love to learn more about you.
Learn more about Atlassian’s culture, interviewing flow, and hiring process by checking out our Candidate Resource Hub.