PRINCIPAL SECURITY ENGINEER

• R021981
• United States
• Engineering
• Regular
  Location Details: United States - Remote
  At GoDaddy the future of work looks different for each team. Some teams work in the office full-events or offsites. This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or offsites.
  This position is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands.
  GoDaddy is not currently considering candidates for this role in California, Seattle, or NYC.

JOIN OUR TEAM

Do you want to be an Information Security Leader at GoDaddy? GoDaddy’s Product Security group is looking for a Principal Security Engineer to join our organization. Can you solve large scale and cross-company issues, while ensuring that partnership with the development and operational communities remains in front of mind?
GoDaddy is looking for a Principal Security Engineer to apply their hands-on technical skills, strong leadership abilities, and an eagerness to design solutions to complex problems. You must be comfortable with communicating to stakeholders, performing security assessments and prioritizing security risks, creating/presenting high-quality deliverables.

YOUR EXPERIENCE SHOULD INCLUDE…

• 7+ years of progressive security engineering experience across Security Architecture, Cryptography, Network, Cloud, Mobile, and Web Security.
• Skilled in Secure Development Lifecycle, Security by Design, and Shift Left methodologies.
• Proficient in Threat Modeling, Architecture Review, Penetration Testing, Code Review, SAST, and DAST.
• Strong scripting abilities in languages such as Python, C, C++, Java, Ruby, and PowerShell.
• Adept at applying security best practices for compliance, with excellent problem-solving and communication skills.

WHAT YOU’LL GET TO DO…

• Identify security threats in applications and infrastructure and provide remediation mentorship to system owners.
• Join forces with SRE and development teams to find new and creative ways to reduce the occurrence of vulnerabilities at scale.
• Build repeatable/reusable security processes and frameworks.
• Review quality issues and work towards detecting security flaws both obvious and discrete.
• Assist with scoping prospective projects, participating in projects from kickoff through “definition of done” via end-to-end ownership.
• Use your industry experience to own and drive resolution and retest complex security events, policy questions and technical security risks.

At GoDaddy, we subscribe to a “pay for performance” approach that considers our total compensation to ensure we offer competitive pay. Total compensation elements vary based on role, but in addition to our base pay offering, may include:

• Comprehensive benefits (may vary based on location)
• Short-Term Incentives (annual bonus, sales incentive pay) - eligibility dependent on role and company and/or individual performance
• Long-Term Incentives (equity) - eligibility dependent on rol

We are proud to provide pay transparency to our candidates. In the United States, we have four geographic pay groups (Groups). GoDaddy’s target compensation is determined based on your location and varies based on an individual’s qualifications, skills and experience at the time of the offer. For this role, our targeted base pay ranges for new hires in each US Group are:

• Group 1: $137,000.00 – $206,000.00
• Group 2: $153,500.00 – $230,500.00
• Group 3: $163,200.00 – $244,800.00
• Group 4: $178,500.00 – $267,500.0