Senior Security Engineer

At Mattermost, we build the #1 collaborative workflow solution for defence, intelligence, security, and critical infrastructure organisations. Trusted by governments, financial institutions, and technology companies, our platform enables secure, efficient operations for the world's most critical teams. We're dedicated to empowering organisations to operate with confidence, reducing risks, and accelerating productivity. Guided by our core values of Customer Obsession, Earn Trust, Self Awareness, Ownership, and High Impact, we collaborate closely with our customers to deliver solutions that meet complex needs and drive success.

Mattermost is hiring a Senior Security Engineer to play a key role in safeguarding our company, SaaS platforms, and IT infrastructure. As a vital member of our Security team, you'll collaborate with a globally distributed group of top talent to design, monitor, and implement security processes that ensure the resilience of our services. Join us to take your career to the next level while shaping the future of secure platforms in a fast-paced, innovative environment.

You will be responsible for the implementation of additional security tooling, hardening, and/or processes across the company, coordinating and collaborating with relevant stakeholders, gathering requirements, and leading implementation.

Responsibilities include:

• Lead security and IT projects to enhance security posture of infrastructure and company.
• Detect, respond to, and remediate security incidents.
• Contribute to the development, review, and enforcement of company-wide security policies and processes.
• Administration of company-wide IAM solution.
• Administration of security monitoring infrastructure.
• Contribute to growing our security incident response, forensic, and endpoint management programmes.
• Engage closely with North American and international staff.
• Partner with Engineering teams to assist and mitigate risks related to AI-enabled tools, services, and workflows.
• Explore and implement AI and automation workflows as part of detection, analysis, and response processes.

Required Background/Skill:

• Bachelor's degree in Computer Science or related fields, or significant professional security experience.
• 3 years of demonstrated experience in security engineering and incident response.
• Experience with security monitoring systems.
• Experience with security controls for cloud environments such as AWS, GCP, and/or Azure.
• Curiosity and practical experience evaluating security implications of AI systems, automation, or AI-assisted workflows.
• Experience with identity and access management.
• In-depth knowledge of Linux systems.
• Experience with Kubernetes and Docker.
• Experience with infrastructure automation and software delivery.
• Excellent written and verbal communication skills.
• Demonstrable teamwork skills and resourcefulness.
• Experience managing security of Microsoft 365 and Google Workspace tenants.

Applicants must meet eligibility requirements for access to export-controlled information as defined by U.S. export control laws, including EAR and ITAR.

Preferred Background/Skill:

• Experience with certification processes such as SOC2, ISO 27000 series, FedRamp, etc.
• Experience in one or more programming languages, ideally Go or Python.
• Certifications in the domain of penetration testing, incident response or computer forensics (e.g. OSCP, GCIH, GCFA, etc.).
• Experience working in open-source communities.
• Past success in critical infrastructure industries including defence, cybersecurity, communications, manufacturing, or other vital functions.
• Experience managing endpoint security for a fully remote organisation.

Mattermost takes a market-based approach to pay and pay may vary depending on your location. The successful candidate's starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future. Mattermost is an EEO Employer; we are a remote-first, open-source company. We are continually working to expand our hiring in more countries and regions, ensuring compliance with local laws and regulations, which takes time. Mattermost values your unique perspective—we welcome all applicants. We encourage individuals from all backgrounds to apply and are committed to assessing candidates based on their skills and qualifications. We do not tolerate discrimination against staff or applicants based on race, religion, national origin, age, disability, pregnancy status, veteran status, or other personal characteristics. If you require accommodations during the interview process, please let us know—we're happy to assist.