[Hiring] Principal Security Engineer - GRC @GoDaddy

Role Description

Join our team as an Information Security Leader at GoDaddy. We help solve large-scale and cross-company issues while ensuring that partnership with the development and operational communities remains front of mind.

GoDaddy is looking for a Principal Risk Engineer with:

• Security risk management experience
• Technical depth
• Strong leadership abilities
• Experience building and performing information security audits and gap assessments

You must be comfortable:

• Communicating with internal teams and external auditors
• Designing and leading security campaigns
• Prioritizing the resolution of audit findings while applying a risk-based approach

As a team, we will help:

• Identify any gaps in security control implementation
• Design solutions to manage security risks at scale
• Provide the information needed to make risk-based decisions and planning

What you'll get to do:

• Build and manage a Security Controls framework that encompasses the regulatory and industry compliance frameworks we follow
• Perform targeted gap assessments to identify any deviations from the control framework
• Propose and manage enterprise-wide security campaigns for managing deviations to reduce risk
• Partner with other InfoSec teams and Engineering teams to define and prioritize security initiatives and investments guided by risk assessment principles
• Align risk management initiatives with applicable compliance regulations

Qualifications

• 10+ years of professional experience in Information Security or related fields such as Information Technology, IT Audit, etc.
• 6+ years of dynamic experience managing programs related to information security and information security audits
• Experience building unified security controls frameworks
• Experience managing audits applying compliance frameworks such as PCI DSS, NIST CSF, NIST 800-53, ISO, SOC-2 etc.
• Executive reporting on the status of security programs and campaigns
• Experience in Security Engineering concepts such as Threat modeling and architecture reviews
• Experience with auditing cloud infrastructure such as AWS

Requirements

• A bachelor’s degree in computer science or related field
• Certifications like PCI ISA, CISA, CRISC, ISO Lead Assessor, CISSP, etc.
• Experience working at a Big 4 Audit firm(s)

Benefits

• Paid time off
• Retirement savings (e.g., 401k, pension schemes)
• Bonus/incentive eligibility
• Equity grants
• Participation in our employee stock purchase plan
• Competitive health benefits
• Family-friendly benefits including parental leave

Company Description

GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all.

Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success.

At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences, and perspectives.

GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements.