Working at Atlassian
Atlassian can hire people in any country where we have a legal entity. Assuming you have eligible working rights and a sufficient time zone overlap with your team, you can choose to work remotely or return to an office as they reopen (unless it’s necessary for your role to be performed in the office). Interviews and onboarding are conducted virtually, a part of being a distributed-first company.
With a sufficient timezone overlap with the team, we’re able to hire eligible candidates for this role from any location in Australia and New Zealand. If this sparks your interest, apply today and chat with our friendly Recruitment team further.
Do you love penetration testing, application security and uplifting programs and capabilities?
We’re looking for a Principal Security Testing Engineer to work closely with the Security Testing Manager to build the security testing team and capability. As a Principal you will be the Technical SME, drive automation, equip the team with the latest tools, techniques and methodologies to find meaningful vulnerabilities which off-the-shelf tools won’t.
In this role you will be responsible for Penetration Testing and Manual Code Review across Atlassian's vast footprint. You will lead others to validate the state of Atlassian’s technical security, working closely with our security teams and leadership groups.
Day-to-day this person will be:
- A leader in offensive security, penetration testing and application security
- Providing SME knowledge and guidance to a team of pen testers/code reviewers
- Skilled with common exploitation frameworks such as Metasploit, Core Impact & Canvas
- Working knowledge of KALI Linux or other testing distributions and most of the tools within
- Able to automate pen testing/code review testing workflows and tasks
- Analysing vulnerability data for trends, gaps
- Assessing Atlassian’s estate for potential pen testing scope items
- Assessing third-party testing capabilities
On your first day, we'll expect you to have:
- The ability to complete a penetration test and code review of a modern cloud application
- Worked in a senior penetration testing/application security role
- Experience in automating a testing workflow
- Experience leading security teams or projects
- Strong, practical understanding of security testing methodologies, supporting infrastructure requirements and awareness of legal considerations
- Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams
- Experience working with security operations teams to develop detection logic
- Strong application security experience
- Experience with program development and uplift
- Affinity for growing teams and helping people succeed
It's great, but not required, if you have:
- CVE’s to your name
- Contributions to open source security software or penetration testing tools
- Delivered industry presentations
- Certifications: OSCP, OSCE, OSWE, CREST CRT, GPEN
- Comfortable operating in and reviewing modern cloud technologies from providers such as AWS, Azure and GCP
More about our team
We are a growing security team committed to protecting the security of our customers and of Atlassian itself. You will be part of the larger Security Assessment team whose mission is to partner with Atlassian programs, products and platforms to provide innovative and holistic security validation solutions to secure Atlassian products, information assets and customers.
Our perks & benefits
To support you at work and play, our perks and benefits include ample time off, an annual education budget, paid volunteer days, and so much more.
About Atlassian
The world’s best teams work better together with Atlassian. From medicine and space travel, to disaster response and pizza deliveries, Atlassian software products help teams all over the planet. At Atlassian, we're motivated by a common goal: to unleash the potential of every team.
We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.
To learn more about our culture and hiring process, explore our Candidate Resource Hub.