PagerDuty, Inc. (NYSE:PD) is a global leader in digital operations management. Half of the Fortune 500 and nearly 70% of the Fortune 100 trust PagerDuty as essential infrastructure.

Join us. (https://careers.pagerduty.com/) At PagerDuty, you'll tackle complex problems, collaborate with kind and ambitious people, and help build a more equitable world—all in a flexible, award-winning workplace.

PagerDuty is seeking a Senior Security Engineer to join our diverse, customer-focused team! As a Senior Security Engineer , you will be a key contributor in leading, driving and delivering security initiatives for PagerDuty’s SaaS offerings, focusing on application & product security through architecture reviews, threat modeling sessions, and defining secure-by-design product standards and protections that support PagerDuty’s security mission. Since we own and operate what we build, you’ll collaborate closely with engineers across many product development teams. You will work closely with our internal development teams to ensure we deliver secure, highly reliable, and scalable solutions to our customers.

This is an exciting opportunity to build security solutions that make developers and customers happy. The ideal candidate will have a blend of experiences across large enterprise environments and small or mid-size environments and will have focused on establishing security standards, coordinating with product development teams, developing strategies for secure-by-default architectures, and corresponding process and tooling selection and implementation. Things that make you smile: secure product architectures, providing an engaging Developer Experience for security adoption, and cute animal memes.

KEY RESPONSIBILITIES

• Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections.

• Establish criteria and conduct comprehensive security reviews throughout all stages of product development to identify and address security risks.

• Perform regular threat assessments, coordinate with third-party testers for penetration testing, and conduct internal penetration testing to identify and mitigate security risks.

• Mentor and guide team members to ensure product and business objectives are prioritized in project implementations, fostering a strong documentation culture with project charters and design documents.

• Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the team to design and implement effective security frameworks. Maintain a strong appetite for challenging problems with a high degree of ownership.

• Participate in the team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences.

• Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to promote easy adoption.

• Establish and uphold baseline standards and hardened configurations for platform components.

• Continuously enhance security frameworks by focusing on product security standards and software supply chain protections, tailored for application security in cloud-native, microservices environments.

BASIC QUALIFICATIONS

• Proficiency with Application & Product Security typically associated with 4 - 5 years of experience in a Security Engineering role working with a cloud-native, microservices environment, preferably AWS.

• Familiarity with cloud-native product technologies including:

• Vulnerability detection via multiple approaches including SAST, DAST, SCA, and runtime (e.g., Qualys/Nessus, Wiz, Snyk, GHAS, Semgrep, etc.)

• CI/CD technologies and integrations (e.g., CircleCI, Buildkite, Helm, Terraform, Chef)

• Product security event logging standards and analysis tools (e.g., SIEM such as: SumoLogic, LogRythm, or Splunk, etc.)

• Security Incident Response & Risk Management processes and tools

• Proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails), typically associated with 3 - 4 years of experience with the language/framework.

• Have exceptional written, oral communication, and interpersonal skills.

• Organizational skills with the ability to successfully manage multiple priorities and deadlines.

PREFERRED QUALIFICATIONS

• Ability to analyze complex problems, develop solutions under guidance, and assist in implementing these solutions with a growing set of change management skills.

• Possesses a strong sense of ownership and a keen discernment for excellence in securing systems within a SaaS environment, demonstrating the ability to distinguish what constitutes truly robust and effective product security.

• Current or past experience with obtaining and maintaining FedRAMP authorization.

• Experience working at a SaaS company larger than 1000 employees and $100M in revenue.

• Familiarity with Cloud Infrastructure security (such as AWS GuardDuty, AWS CloudTrail, AWS Secrets Manager, AWS IAM & Identity Center, AWS Control Tower, Azure Security Center, Microsoft Defender for Cloud, etc.)

• Familiarity with Container Security (e.g., Kubernetes, EKS, AKS, service mesh, baseline/benchmark hardening, identity and secrets orchestration, etc.)

• Demonstrated history of mentoring and coaching.

The base salary range for this position is 152,000 - 248,000 USD. This role may also be eligible for bonus, commission, equity, and/or benefits.

Our base salary ranges are determined by role, level, and location. The range, which is subject to change based on primary work location, reflects the minimum and maximum base salary we expect to pay newly hired employees for the position. Within the range, we determine pay for an individual based on a number of factors including market location, job-related knowledge, skills/competencies and experience.

Your recruiter can share more about the specific offerings for this role, as well as the salary range for your primary work location during the hiring process.

Hesitant to apply?

We encourage you to submit your resume even if you don't meet every requirement. We value potential and consider each candidate's full professional story. Whether you're exploring a career change or taking your next step, we look forward to reviewing your application. If this just isn’t the right role or time - sign up for job alerts (https://careers.pagerduty.com/jobalerts) !

Where we work

PagerDuty currently has offices (https://careers.pagerduty.com/locations) in Atlanta, Lisbon, London, San Francisco, Santiago, Sydney, Tokyo, and Toronto. We offer a hybrid, flexible environment. We also provide ample opportunities for connection, like team offsites and volunteering events.

How we work

Our values (https://careers.pagerduty.com/#values) guide how we support customers, collaborate with colleagues, develop products, and foster a culture of belonging. They define not just our actions, but what it means to be Dutonian.

What we offer

As a global organization, our total rewards approach is competitive with industry standards and aligned with local laws and regulations. Learn more, including country-specific offerings, on our benefits site (https://careers.pagerduty.com/global-benefits) .

Your package may include:

• Competitive salary

• Comprehensive benefits package from day one

• Flexible work arrangements

• Company equity*

• ESPP (Employee Stock Purchase Program)*

• Retirement or pension plan*

• Generous paid vacation time

• Paid holidays and sick leave

• Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO

• Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)*

• Paid volunteer time off: 20 hours per year

• Company-wide hack weeks

• Mental wellness programs

*Eligibility may vary by role, region, and tenure

About PagerDuty

PagerDuty, Inc. (NYSE:PD) is a global leader in digital operations management, enabling customers to achieve operational efficiency at scale with the PagerDuty Operations Cloud. The PagerDuty Operations Cloud combines AIOps, Automation, Customer Service Operations and Incident Management with a powerful generative AI assistant to create a flexible, resilient and scalable platform to increase innovation velocity, grow revenue, reduce cost, and mitigate the risk of operational failure. Half of the Fortune 500 and nearly 70% of the Fortune 100 rely on PagerDuty as essential infrastructure for the modern enterprise.

PagerDuty is Great Place to Work-certified™, a Fortune Best Workplace for Millennials, a Fortune Best Medium Workplace, a Fortune Best Workplace in Technology, and a top rated product on TrustRadius and G2.

Go behind-the-scenes on our careers site (https://careers.pagerduty.com/home) and @pagerduty on Instagram.

Additional Information

PagerDuty is committed to creating a diverse environment and is an equal opportunity employer. PagerDuty does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, parental status, veteran status, or disability status.

PagerDuty is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application process. Should you require accommodation, please email accommodation@pagerduty.com and we will work with you to meet your accessibility needs.

PagerDuty uses the E-Verify employment verification program.