Senior Security Engineer

We are hiring a Senior Security Engineer to protect the people, infrastructure, and tooling that goes into building and hosting Mattermost. This is a hands-on, high-impact role at the intersection of enterprise security engineering, cloud information security, and AI-enabled threat response.

Why Join Mattermost

• Fully remote, globally distributed team | no commute, genuine flexibility
• Be a key voice in shaping and delivering security strategy
• Competitive salary, equity, and benefits with meaningful work attached

The Role

As a Senior Security Engineer, you will lead the design and implementation of security tooling, harden our cloud and IT infrastructure, and serve as a key responder to incidents. You will work across a globally distributed team and partner closely with Engineering to manage AI-enabled risk.

Key Responsibilities

• Lead security and IT projects to enhance the security posture of infrastructure and the company
• Detect, investigate, and remediate security incidents using SIEM, EDR, and SOAR tooling (e.g. CrowdStrike, SentinelOne)
• Conduct threat hunting across cloud and endpoint environments using a Zero Trust framework
• Administer company-wide IAM and security monitoring infrastructure
• Contribute to security policies, incident response, forensics, and endpoint management programmes
• Partner with Engineering to assess and mitigate risks from AI-enabled tools and workflows
• Explore and implement AI/automation in detection, analysis, and response pipelines
• Engage closely with North American and international staff across time zones

Required Background & Skills

• Bachelor's degree in Computer Science or a related field, or significant professional security experience
• 3+ years of hands-on experience in security engineering and incident response
• Experience with SIEM platforms and security monitoring systems
• Experience with EDR tools such as CrowdStrike or SentinelOne
• Knowledge of SOAR platforms and automation of security workflows
• Familiarity with Zero Trust architecture principles and threat hunting methodologies
• Experience with cloud security controls across AWS, GCP, and/or Azure
• Strong knowledge of Linux systems and Kubernetes/Docker environments
• Experience with IAM solutions and infrastructure automation
• Practical experience evaluating security implications of AI systems and AI-assisted workflows
• Experience managing security of Microsoft 365 and Google Workspace tenants
• Excellent written and verbal communication skills

Preferred Background & Skills

• Experience with certification processes: SOC2, ISO 27001, FedRAMP, or Cyber Essentials Plus
• Certifications: OSCP, GCIH, GCFA, or equivalent penetration testing / incident response credentials
• Experience in Go or Python
• Background in open-source communities
• Endpoint security management experience in a fully remote organisation

Export Control & Eligibility

This role may involve access to information subject to U.S. export control regulations (EAR/ITAR). Applicants should be aware that eligibility requirements may apply. We encourage candidates with questions about this to reach out. Many Germany-based security professionals with defence backgrounds will qualify. We are happy to discuss your specific situation.

Mattermost takes a market-based approach to pay and pay may vary depending on your location. The successful candidate's starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.