Senior Product Security Engineer, Cloud Security

Working at Atlassian
Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company.
Overview
As a Senior Product Security Engineer, Cloud Security at Atlassian, you will play a key role in securing our cloud platforms and products. You'll work closely with engineering teams to design, implement, and improve security controls, drive secure-by-default practices, and help scale security across Atlassian's cloud environments. You will identify risks, propose mitigations, and ensure our systems are resilient, reliable, and secure. This role is hands-on, collaborative, and focused on delivering impactful security outcomes for Atlassian's customers and engineering teams.
Responsibilities
As a Senior Product Security Engineer, Cloud Security, you will be the Technical SME, promoting automation, review cloud platforms and service designs and architecture and drive our security teams to equip the engineering teams with the latest tools, techniques and methodologies to build secure products by default. You will be responsible for partnering with our security teams and leadership groups across Atlassian's vast footprint to uplift our security programs. Some of your key responsibilities will include:

• Security Assessments & Threat Modeling: Collaborate with engineering teams to conduct security assessments and threat modeling for cloud-native and SaaS products.
• Secure Architecture & Design Reviews: Review and influence the design of cloud architectures (AWS, GCP, Azure), ensuring robust security controls and secure-by-default practices.
• Automation & Detection: Develop and maintain automation for security controls, reducing manual effort in detecting and remediating security gaps.
• Operational Excellence: Drive improvements to the operational quality of features built by your team, including documentation, reusable standards, reliability, and performance.
• Mentorship & Collaboration: Mentor engineers, share knowledge, and contribute to a collaborative and inclusive environment.
• Continuous Improvement: Identify opportunities to improve security processes and tooling and share improvements to benefit other teams. You will also be responsible for use solutions to optimize the overall security posture, such as CSPMs, which can not only aid in security reviews but also help mature security standards.
• Incident Response: Partner with the Incident Response teams to provide cloud security expertise during incident investigations.
• Stakeholder Engagement: Communicate security risks and solutions to both technical and non-technical stakeholders, influencing decision-making and adoption of security best practices

On Your First Day, We'll Expect You To Have

• 10+ years of experience working in security-focused roles, with a strong emphasis on cloud security.
• Demonstrated experience collaborating with engineering teams to conduct security assessments and threat modeling for SaaS and cloud-native products.
• Hands-on expertise in cloud security, with a focus on AWS, GCP, and/or Azure, and experience with container security (Docker, Kubernetes).
• Review and influence the design of cloud architectures (AWS, GCP, Azure), ensuring robust security controls and secure-by-default practices. Involves security assessments for highly regulated cloud environments and offerings, such as Isolated, Private, Government and FedRamp environments.
• Experience overseeing security design reviews for services transitioning to micro-services architectures.
• Proficiency in at least one programming language (for example, Python, Go, Java, or JavaScript) and scripting for automation.
• Experience integrating security into CI/CD pipelines and infrastructure as code (IaC).
• Ability to communicate complex security concepts clearly and influence engineering teams.
• Experience mentoring or coaching other engineers and contributing to a collaborative team environment

Qualifications
Required:

• Bachelor's or Master's degree in Computer Science, Information Security, or a related field (or equivalent practical experience).
• Strong understanding of cloud security architecture, zero trust, data isolation, encryption, and multi-tenancy.
• Experience with infrastructure as code, secrets management, and integrating security into the SDLC.
• Familiarity with detection engineering, cloud logs, IAM graphs, and alert tuning.
• Ability to balance UX/developer needs with security requirements.
• Excellent communication and collaboration skills.

It's great, but not required if you have:

• Experience writing software that enables security processes.
• CVEs to your name or contributions to open-source security software.
• Delivered industry presentations or published security research.
• Experience with serverless architectures or securing containerized workloads
• Contributions to open-source security software
• Delivered industry presentations

You'll Thrive Here If You

• Take ownership of outcomes and drive projects to completion.
• Are proactive in identifying and mitigating security risks.
• Enjoy collaborating across teams and mentoring others.
• Communicate clearly and adapt your message to your audience.
• Are passionate about scaling security through automation and best practices.

Benefits & Perks
Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit go.atlassian.com/perksandbenefits .
About Atlassian
At Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together.
We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.
To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them.
To learn more about our culture and hiring process, visit go.atlassian.com/crh .