Principal Security Engineer

GoDaddy
Summary
Join GoDaddy as a Principal Security Engineer and become an Information Security Leader. You will help solve large-scale, cross-company issues while partnering with development and operational teams. This remote position requires experience in security risk management, technical expertise, strong leadership, and conducting information security audits and gap assessments. You will build and manage a security controls framework, perform detailed analysis of information security controls, propose and manage enterprise-wide security campaigns, and partner with other teams to prioritize security initiatives. The role involves aligning risk management with compliance regulations and communicating effectively with internal and external stakeholders. GoDaddy offers a range of benefits, including paid time off, retirement savings, bonuses, equity grants, health benefits, and parental leave.
Requirements
- 10+ years of experience in Information Security or related fields such as Software Development, System Administration, QA Engineering, IT Audit, etc.
- Minimum of 6+ years of progressive experience managing programs related to information security and information security audits
- Experience with building unified security controls frameworks
- Experience with managing audits utilizing compliance frameworks such as PCI DSS, NIST CSF, NIST 800-53, ISO, SOC-2, etc.
- Experience with Security Engineering concepts such as threat modeling, architecture reviews, etc.
Responsibilities
- Build and manage a Security Controls framework that encompasses the regulatory and industry compliance frameworks we comply with
- Perform detailed analysis and review of information security controls, as well as targeted gap assessments to identify any deviations from the framework
- Propose and manage enterprise-wide security campaigns for managing deviations to reduce risk
- Partner with other InfoSec and Engineering teams to define and prioritise security initiatives and investments using a risk-based approach
- Align risk management initiatives with applicable compliance regulations
Preferred Qualifications
- Certifications such as PCI QSA/ISA, CISA, CRISC, ISO Lead Assessor, CISSP, etc.
- Prior experience with system administration, scripting, and/or automation techniques
Benefits
- Paid time off
- Retirement savings (e.g., 401k, pension schemes)
- Bonus/incentive eligibility
- Equity grants
- Participation in our employee stock purchase plan
- Competitive health benefits
- Parental leave