Head of Vulnerability Management
Location: San Francisco, California
Job Type: Full time
Working at Atlassian
Atlassian can hire people in any country where we have a legal entity. Assuming you have eligible working rights and a sufficient time zone overlap with your team, you can choose to work remotely or return to an office as they reopen (unless it’s necessary for your role to be performed in the office). Interviews and onboarding are conducted virtually, a part of being a distributed-first company.
Behind every phenomenal human achievement, there is a team. From medicine and space travel, to disaster response and pizza deliveries, our products help teams all over the planet improve humanity through the power of software. Atlassian's mission is to help fuel the potential of every team!
The Atlassian Security Team's purpose is to build trust. We want to lead our peers in cloud and product security, meet all customer requirements and exceed requirements for industry security standards and certifications. Do you believe an organization should be open, transparent about its programs, and metrics? We do. This is why we share our journey and encourage other cloud providers to do the same.
We are looking for a leader that can help lead our security team for years to come, while working in collaboration with the broader Trust Organization and all of Atlassian.
About the Role:
Reporting to the Chief Information Security Officer, the Director/Head of Vulnerability Management Program, will lead a distributed team of over 30 security engineers. The Vulnerability Management Program is important program to reduce threats to Atlassian's Infrastructure and Applications. You'll build relationships across our company with teams including Engineering, Product, Communications and PR, Legal, and Finance. You'll be part of senior security leadership for Atlassian.
What you'll do:
- Provide strategic direction, set goals and structure and resource and the work in a way that improves the impact of the team and provides a paved path to a leadership position among SaaS providers. Report updates on programs, roadmaps and OKRs CISO and Exec team.
- Hire and retain top talent, managers and individual contributors, across several programs. Hold high bar but still meet our hiring goals. The team will double in the next 2-3 years. #LI-Remote
- You will grow the Vulnerability Management and Bug Bounty Programs to be an industry leader.
- Influence Engineering and Product teams to prioritize and implement all stages of the Vulnerability Management life-cycle - detection, analysis, remediation and disclosure.
- Have experience managing security vendors
- Collaborate with other security teams like Product Security, Threat Detection, Corp Sec, Infrastructure security, and more. Also coordinate responses to security issues and incidents.
- Build Trust internally, being the voice of Security inside and outside of Atlassian. You will also adopt Atlassian's commitment to openness, allowing the company to talk openly about our approach to security. Over the next few years, you will promote Atlassian's goal to be a recognized leader in managing Vulnerability life cycle at scale.
- Help governance and partner with our Risk and Compliance team, and internal and external auditors and regulators to ensure Atlassian's security meets multiple industry compliance and legal requirements. (SOC2, ISO, FedRAMP, HIPAA)
- At least 10+ years of multifaceted security leadership and management experience in a technology-centric company, including experience leading security teams of 30+ security engineers in a globally distributed organization that services dozens of partners.
- Diverse experience working at technology companies across different type of businesses and across several stages of the growth private/public. Experience working at larger SaaS companies is a bonus.
- Before Management roles, you have hands-on experience as Individual contributor analyzing common vulnerabilities, implementing Vulnerability Management tools, both open source and vendor products. You have experience as technical contact for bug bounty program, analyze the reports and communicate with Engineering teams to guide remediation.
Our perks & benefits
To support you at work and play, our perks and benefits include ample time off, an annual education budget, paid volunteer days, and so much more.
The world’s best teams work better together with Atlassian. From medicine and space travel, to disaster response and pizza deliveries, Atlassian software products help teams all over the planet. At Atlassian, we're motivated by a common goal: to unleash the potential of every team.
We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
To learn more about our culture and hiring process, explore our Candidate Resource Hub.
You’ve got this!