Staff Security Engineer

Summary

Join Atlan, the world's first active metadata platform, and become part of a movement shaping the future of data collaboration. We empower ambitious teams to unlock their data's full potential. As a Security Architect, you will conduct thorough security assessments, develop and implement comprehensive security strategies, and integrate security best practices into our CI/CD pipeline. You will lead and mentor team members, ensuring compliance with relevant security standards. Atlan offers a fast-paced, fully remote work environment with opportunities for growth and collaboration within a global data community. We are a fast-growing company backed by top investors, creating a category-defining platform for data and AI governance.

Requirements

• 10+ years of experience leading security initiatives for enterprises in an information security (InfoSec) consultant or architect role
• Proven experience with implementing DevSecOps principles, including Shift Left and Policy as Code methodologies
• Experience implementing application security architecture and cloud security architecture
• In-depth knowledge and experience with Kubernetes (K8s) security is required
• Experience integrating security practices into the Secure Development Lifecycle
• Strong understanding of security threats, vulnerabilities, and risk mitigation strategies
• Excellent analytical and problem-solving skills
• Strong communication, collaboration, and interpersonal skills
• Ability to work independently and as part of a team
• Passion for security and a commitment to continuous learning

Responsibilities

• Conduct a thorough security assessment of our current infrastructure, applications, and cloud environments, identifying strengths and areas for improvement
• Conduct detailed threat modeling and risk assessments to identify, prioritize, and mitigate potential security threats
• Document the existing security architecture, policies, and procedures
• Develop and implement a comprehensive security strategy aligned with Atlan's business goals and industry best practices
• Establish security metrics and key performance indicators (KPIs) to measure the effectiveness of security controls
• Design and implement robust security controls across the platform, including network, application, and infrastructure security
• Integrate security best practices into the CI/CD pipeline to ensure seamless DevSecOps practices (Shift Left, Policy as Code)
• Develop and implement incident response plans, conduct regular drills, and continuously improve security operations through monitoring and ongoing assessments
• Advocate for security best practices across the organization, fostering a security-first mindset and a culture of security awareness
• Lead and mentor other team members, promoting continuous learning and improvement in security practices
• Ensure compliance with relevant security standards and regulations (e.g., PCI DSS, GDPR)
• Prepare for and assist in security audits and certifications

Preferred Qualifications

• Experience with SaaS security or platform security is a strong plus
• Experience with security tools such as CIS Benchmarks and SIEM solutions is preferred
• CISSP, CISA and/or CKS Certifications strongly preferred

Benefits

• Ownership from Day One: Whether you're an intern or a full-time teammate, you’ll own impactful projects, chart your growth, and collaborate with some of the best minds in the industry
• Limitless Opportunities: At Atlan, your growth has no boundaries. If you’re ready to take initiative, the sky’s the limit
• A Global Data Community: We’re deeply embedded in the modern data stack, contributing to open-source projects, sponsoring meetups, and empowering team members to grow through conferences and learning opportunities