Security Testing Engineer - Penetration Tester

OverviewThe Security Testing teams mission is to partner with Atlassian internal teams globally to provide innovative and holistic security testing to secure Atlassian products, platforms and customers. This role supports Atlassian’s security team, Engineers and Customers by performing high quality penetration testing on our software, platforms and services.This role supports Atlassian’s security team, Engineers and Customers by providing world class technical assurance of our software, platforms and services through high quality manual penetration testing and code review.Working at AtlassianAtlassians can choose where they work – whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company.ResponsibilitiesYou will support others in technically validating the state of Atlassian’s technical security controls, working closely with both our security and engineering teams. You enjoy vulnerability hunting and get excited when you find vulnerabilities that typical automated toolsets can’t. You must have a strong ability to work with colleagues to understand our products and then come up with ways to strengthen security.Since we work closely with our product engineering teams, the ability to read and understand code is very important. Our products are built using a number of different languages but Java, Go, and Python are the most common.QualificationsOn your first day, we'll expect you to have:3+ years working in a penetration testing/appsec/manual code review roleStrong understanding of web application securityExperience in cloud security architecture and infrastructureExperience coding in Java, Python, or Go, and at least one scripting languageAn ability to reason about security decisionsExperience leading projects from start to finish and mentoring other security practitionersStrong collaboration and communication skills when working with closely with deeply technical development and infrastructure teamsIt's Great, But Not Required, If You HaveSubmitted bug bounty reports to third party companiesPublished contributions to the security communityCertifications: OSCP, OSCE, OSWE, CREST CRT, GPENCVE’s to your namePresentation experience at industry eventsDeveloped security toolsExperience working with compliance, privacy, IT, networking or related functionsBenefits & PerksAtlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit go.atlassian.com/perksandbenefits .About AtlassianAt Atlassian, we're motivated by a common goal: to unleash the potential of every team. Our software products help teams all over the planet and our solutions are designed for all types of work. Team collaboration through our tools makes what may be impossible alone, possible together.We believe that the unique contributions of all Atlassians create our success. To ensure that our products and culture continue to incorporate everyone's perspectives and experience, we never discriminate based on race, religion, national origin, gender identity or expression, sexual orientation, age, or marital, veteran, or disability status. All your information will be kept confidential according to EEO guidelines.To provide you the best experience, we can support with accommodations or adjustments at any stage of the recruitment process. Simply inform our Recruitment team during your conversation with them.To learn more about our culture and hiring process, visit go.atlassian.com/crh .