Distinguished Security Engineer

Location Details: 

At GoDaddy the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely.

This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.

This position is not eligible to be performed in Alaska, Colorado, Mississippi, North Dakota, or the Virgin Islands.

What you'll get to do...

A Distinguished Security Engineer in GoDaddy's Information Security division, leads all aspects in driving and establishing our multi-year security strategy, integrating security into our business units across our company. This role has core accountability in driving vital initiatives, as we integrate security into our Software Development Process, end-to-end, within GoDaddy’s Commerce business division.

• Establish dedicated cyber security capabilities required to ensure security of GoDaddy’s commerce solutions, including, but not limited to security of payment systems, infrastructure, and devices
• Develop, coach, and mentor a team of engineers and growth leaders, while coordinating closely with product/program managers, other engineering leaders and business partners
• Coordinate enterprise security strategy to integrate security capabilities into software/system development lifecycle to support the business
• Operationalize Design Reviews, SAST, DAST and other capabilities required to scale security reviews across the organization
• Assess offensive security capabilities required to pro-actively assess security posture of systems and drive remediation
• Implement agile, business coordinated security certification program to enable business while ensuring security is a core part of product design and development
• Drive program management activities required to establish effective delivery and execution of SSDLC activities
• Identify security standards and requirements for embracing new and emerging technologies and platforms
• Partner with business collaborators to help define and prioritize security initiatives and investments
• Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities
• Operationalize continuous testing and validation of security controls
• Partner internally and externally with our audit teams to drive gap assessments, cyber security and other audit requirements to support the organization
• Partner closely with Finance, Operation, IT, executive management, and key product leaders to build a shared vision
• Collaborate with business partners to define and prioritize security initiatives and investments

Your experience should include...

• 10+ years’ validated experience in cyber security engineering with focus on secure design and development
• Prior experience defining security strategy, goals and targets
• Experience in security across the payments industry
• Hands on expertise in hardware and device security including, trusted computing, trusted execution environment, tamper detection and response, etc
• Able to build and secure payment systems and platforms
• Expertise in applied cryptography, hardware security modules (HSM) with understanding of FIPS 140 requirements and standards for cryptography modules that include both hardware and software components
• Validated experience architecting and securely deploying large scale systems in public cloud (AWS) infrastructure
• Experience driving and supporting security audits and certifications including PCI DSS, PCI PTS and SOC 2
• Confirmed experience integrating security capabilities into business units to drive and address business specific challenges
• Knowledgeable in threat modeling or other risk identification techniques, and risk management
• Ability to lead and perform offensive security testing including penetration testing and red team exercises
• Familiar with a fast-paced environment with minimal process and maximum efficiency
• Owned project delivery for large, multi-functional projects with evolving requirements
• A mentor and leader to other managers and security engineers, while building and maintaining high agility and high morale
• Excellent written and verbal technical communication with an ability to present sophisticated technical information in a clear and concise manner to a variety of audiences

You might also have...

• Bachelor’s degree in information security, Computer Science or related field
• Master’s in information security
• Strong project management experience desired for working on multi-functional projects

We've got your back...  We offer a range of benefits that may include paid time off, retirement savings (e.g., 401k, pension schemes), incentive eligibility, equity grants, participation in an employee stock purchase plan, and other family-friendly benefits including parental leave. GoDaddy’s benefits vary based on individual role and location and can be reviewed in more detail during the interview process.   

We also embrace our diverse culture and offer a range of Employee Resource Groups (Culture). Have a side hustle? No problem. We love entrepreneurs! Most importantly, come as you are and make your own way. 

About us...  GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us. 

At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that’s not enough to build true equity and belonging in our communities. That’s why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day—focusing not only on our employee experience, but also our customer experience and operations. It’s the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page. 

GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy here (https://www.godaddy.com/legal/agreements/equal-opportunity-employment-statement). 

Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to myrecruiter@godaddy.com. 

GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies.