Senior Security Engineer

GoDaddy
Summary
Join GoDaddy's Vulnerability Management team as a Vulnerability Management Engineer and contribute to enhancing the company's security posture. You will be responsible for developing the architecture and capability roadmap, identifying vulnerabilities across GoDaddy's global infrastructure, assisting in remediation efforts, and supporting internal stakeholders. Collaborate with cross-functional teams to ensure security hygiene and drive high-impact initiatives. This remote position requires crafting and implementing security solutions, conducting vulnerability assessments, and monitoring and reporting data for the Vulnerability Management Program. You will also drive process maturity and automation, provide leadership and mentorship, and maintain updated knowledge on evolving threat landscapes. GoDaddy offers a range of total rewards, including paid time off, retirement savings, bonus/incentive eligibility, equity grants, competitive health benefits, and family-friendly benefits.
Requirements
- 6+ years of experience in vulnerability management within mid-to-large IT organizations, especially in cloud environments; proven track record in security risk assessments, web and network vulnerability scanning, reporting, and threat modeling
- Strong hands-on experience with AWS Cloud security, including defining and implementing security controls; in-depth knowledge of desktop and server operating systems such as Red Hat/CentOS Linux and Windows Server
- Conducting detailed vulnerability assessments, impact analysis, perimeter scanning using tools like Tenable and Qualys, and identifying and remediating zero-day vulnerabilities and other critical risks
- Experience crafting automated security solutions using scripting or programming languages such as Python, Shell/BASH, Ruby, Java, C/C++, Perl
- Ability to craft and implement security solutions, identify risks, and build capability roadmaps
- Proficient in tracking/reporting key vulnerability management metrics, monitoring threats, collaborating with compliance teams for scanning/testing/reporting, supporting user remediation and false positives; skilled in tools like Microsoft Office Suite, Jira, ServiceNow
Responsibilities
- Craft and implement security solutions to identify risks, build capability roadmaps, and secure GoDaddy’s infrastructure—both cloud and on-prem—through vulnerability scanning, perimeter validation, and remediation support
- Conduct detailed vulnerability assessments, impact analysis, and perimeter scanning using tools like Tenable and Qualys; validate results and provide actionable recommendations and mitigation plans
- Monitor and report data for the Vulnerability Management Program from internal and external sources
- Collaborate with compliance teams to ensure appropriate scanning, testing, reporting, and mitigation efforts meet compliance standards, while also supporting validation of false positives and user remediation efforts
- Drive process maturity and automation by developing policies, tools, practices, and partnerships to enhance security operations and improve efficiency and throughput
- Provide leadership and mentorship to team members while maintaining updated knowledge on evolving threat landscapes, attacker techniques, and effective countermeasures
Preferred Qualifications
- Bachelor’s Degree in a relevant field or equivalent work experience
- Expert in designing and implementing vulnerability management controls aligned with major security standards (CIS, PCI-DSS, NIST, ISO 27001)
- Familiarity with CVSS, CWE, and vulnerability scoring methodologies
- Experience with Tanium and Burp Suite tools
- Hands-on experience in penetration testing
- AI-related security experience or knowledge
Benefits
- Paid time off
- Retirement savings (e.g., 401k, pension schemes)
- Bonus/incentive eligibility
- Equity grants
- Participation in our employee stock purchase plan
- Competitive health benefits
- Parental leave