Security Engineer

As a Senior Security Engineer, you will lead the design and implementation of security tooling, harden our cloud and IT infrastructure, and serve as a key responder to incidents. You will work across a globally distributed team and partner closely with Engineering to manage AI-enabled risk., * Lead security and IT projects to enhance the security posture of infrastructure and the company

• Detect, investigate, and remediate security incidents using SIEM, EDR, and SOAR tooling (e.g. CrowdStrike, SentinelOne)
• Conduct threat hunting across cloud and endpoint environments using a Zero Trust framework
• Administer company-wide IAM and security monitoring infrastructure
• Contribute to security policies, incident response, forensics, and endpoint management programmes
• Partner with Engineering to assess and mitigate risks from AI-enabled tools and workflows
• Explore and implement AI/automation in detection, analysis, and response pipelines
• Engage closely with North American and international staff across time zones

• Bachelor's degree in Computer Science or a related field, or significant professional security experience
• 3+ years of hands-on experience in security engineering and incident response
• Experience with SIEM platforms and security monitoring systems
• Experience with EDR tools such as CrowdStrike or SentinelOne
• Knowledge of SOAR platforms and automation of security workflows
• Familiarity with Zero Trust architecture principles and threat hunting methodologies
• Experience with cloud security controls across AWS, GCP, and/or Azure
• Strong knowledge of Linux systems and Kubernetes/Docker environments
• Experience with IAM solutions and infrastructure automation
• Practical experience evaluating security implications of AI systems and AI-assisted workflows
• Experience managing security of Microsoft 365 and Google Workspace tenants
• Excellent written and verbal communication skills

Preferred Background & Skills

• Experience with certification processes: SOC2, ISO 27001, FedRAMP, or Cyber Essentials Plus
• Certifications: OSCP, GCIH, GCFA, or equivalent penetration testing / incident response credentials
• Experience in Go or Python
• Background in open-source communities
• Endpoint security management experience in a fully remote organisation

• Fully remote, globally distributed team | no commute, genuine flexibility
• Be a key voice in shaping and delivering security strategy
• Competitive salary, equity, and benefits with meaningful work attached

Mattermost is the leading collaborative workflow platform for defense, intelligence, security, and critical infrastructure. Trusted by the U.S. Department of War and Fortune 500s, our platform runs on-premises and in private clouds, delivering secure messaging, file sharing, workflow automation, audio/screenshare, and project management-all with full data and operational control. Mattermost powers high-stakes workflows across mission planning, real-time, real-world operations, DevSecOps, incident response, and cyber defense-enabling secure collaboration from tactical edge and DDIL environments to enterprise HQ. Teams operate across web, desktop, and mobile, with embedded interoperability for Microsoft Teams, Outlook, and Microsoft 365.