Senior Software Engineer, Infrastructure Security
Asana · San Francisco, CA · Yesterday
HybridEngineering$202k–$230k/yrFull-time
About the role
We are looking for a Senior Software Engineer to join our new Security Development team. This team is focused on building durable, secure-by-default solutions to protect Asana's infrastructure and product. Instead of acting as gatekeepers, we build guardrails that empower engineering teams to move quickly and safely.
Responsibilities
- Design, build, and maintain secure-by-default frameworks, libraries, and platforms to eliminate entire classes of vulnerabilities.
- Engineer and improve core security services, including our access control frameworks, secrets management infrastructure, and AWS permissions systems.
- Develop and own the platform for vulnerability remediation, creating tooling that empowers engineering teams to address risks efficiently.
- Partner with product and infrastructure teams to architect and implement foundational security controls for Asana including cloud networking, and compute infrastructure.
- Partner with product teams to effectively offer recommendations for how to secure projects at all phases of implementation (design, development, launch, and/or incidents).
- Influence engineering initiatives through design reviews, communicating security principles, and helping teams make sound security trade-offs.
Requirements
- 4+ years of experience in full-time professional software development, working with large codebases.
- Proven software engineering experience, with a background in building platforms, libraries, or core infrastructure.
- Strong interest or direct experience in security engineering, with a focus on building preventative controls.
- Expertise in programming and computer science fundamentals.
- Experience with cloud infrastructure and services, particularly AWS.
- Excellent communication skills for collaborating effectively with engineering teams across the organization.
- A proactive mindset geared towards identifying and eliminating systemic risks, not just individual bugs.
- Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.
Qualifications
Preferred qualifications include:
- Experience with security-focused programming languages and frameworks.
- Knowledge of security standards and compliance requirements.
- Experience with threat modeling and risk assessment.
Skills
Essential skills include:
- Strong problem-solving and analytical skills.
- Ability to work independently and as part of a team.
- Excellent written and verbal communication skills.
- Experience with version control systems (e.g., Git).
- Experience with continuous integration/continuous deployment (CI/CD) tools.
Benefits
We offer a comprehensive compensation package that includes a competitive base salary, equity, and additional benefits such as mental health and wellness programs, career coaching, inclusive family building benefits, long-term savings or retirement plans, and in-office culinary options. Our benefits may vary based on role, country, and local regulations.