Jobs · Engineering · California

Senior Software Engineer, Infrastructure Security

Asana · San Francisco, CA · Yesterday
HybridEngineering$202k–$230k/yrFull-time

About the role

We are looking for a Senior Software Engineer to join our new Security Development team. This team is focused on building durable, secure-by-default solutions to protect Asana's infrastructure and product. Instead of acting as gatekeepers, we build guardrails that empower engineering teams to move quickly and safely.

Responsibilities

  • Design, build, and maintain secure-by-default frameworks, libraries, and platforms to eliminate entire classes of vulnerabilities.
  • Engineer and improve core security services, including our access control frameworks, secrets management infrastructure, and AWS permissions systems.
  • Develop and own the platform for vulnerability remediation, creating tooling that empowers engineering teams to address risks efficiently.
  • Partner with product and infrastructure teams to architect and implement foundational security controls for Asana including cloud networking, and compute infrastructure.
  • Partner with product teams to effectively offer recommendations for how to secure projects at all phases of implementation (design, development, launch, and/or incidents).
  • Influence engineering initiatives through design reviews, communicating security principles, and helping teams make sound security trade-offs.

Requirements

  • 4+ years of experience in full-time professional software development, working with large codebases.
  • Proven software engineering experience, with a background in building platforms, libraries, or core infrastructure.
  • Strong interest or direct experience in security engineering, with a focus on building preventative controls.
  • Expertise in programming and computer science fundamentals.
  • Experience with cloud infrastructure and services, particularly AWS.
  • Excellent communication skills for collaborating effectively with engineering teams across the organization.
  • A proactive mindset geared towards identifying and eliminating systemic risks, not just individual bugs.
  • Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.

Qualifications

Preferred qualifications include:

  • Experience with security-focused programming languages and frameworks.
  • Knowledge of security standards and compliance requirements.
  • Experience with threat modeling and risk assessment.

Skills

Essential skills include:

  • Strong problem-solving and analytical skills.
  • Ability to work independently and as part of a team.
  • Excellent written and verbal communication skills.
  • Experience with version control systems (e.g., Git).
  • Experience with continuous integration/continuous deployment (CI/CD) tools.

Benefits

We offer a comprehensive compensation package that includes a competitive base salary, equity, and additional benefits such as mental health and wellness programs, career coaching, inclusive family building benefits, long-term savings or retirement plans, and in-office culinary options. Our benefits may vary based on role, country, and local regulations.

Similar jobs