Security Engineer, Red Team

At Asana, security is foundational to our mission of helping humanity thrive by enabling the world’s teams to work together effortlessly. Our security team protects Asana’s employees, users, and customers by proactively addressing threats and fostering a culture of security throughout our product and operations.

We’re looking for a security engineer to join our Security Red Team in Warsaw. You’ll be a foundational member of the security presence in a key engineering hub, partnering directly with IT, infrastructure, and product teams to ensure we design and ship secure software. You will be instrumental in scaling our security practices by performing security reviews and penetration testing assessments of our products and internal applications, eliminating entire classes of vulnerabilities, and championing a security-first mindset.

This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in‑office days are Monday, Tuesday, and Thursday.

We offer a Contract of Employment (UoP) for our employees in Poland

What you’ll achieve

• Conduct security architecture reviews, threat modeling, and penetration testing for new features and services across our product and internal applications.
• Test software for application security vulnerabilities through various assessment methodologies, including penetration testing.
• Triage, investigate, and drive remediation of vulnerabilities from our bug bounty program, internal penetration tests, and automated security tooling.
• Influence engineering initiatives by conducting design and roadmap reviews, effectively communicating security constraints, and assisting teams in making informed trade‑offs.
• Investigate product security incidents as an incident subject matter expert, using logs and monitoring tools.
• Develop and deliver training to educate engineers on secure coding best practices and emerging threats.
• Stay informed of industry trends, emerging threats, and best practices to ensure that Asana’s security posture remains robust.
• Collaborate with teammates and stakeholders to develop both short‑term and long‑term strategies for risk management.
• Join a collaborative Security team composed of specialists in product, application, software engineering, infrastructure and detection and response, all working together to help engineering teams design and ship secure software.

About you

What we offer

For this role, the estimated base salary range is between 25,604 - 35,854 PLN gross monthly on the contract of employment (UoP). The actual base salary will vary based on various factors and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base compensation range for this role may be modified.

Our total compensation consists of base salary and equity (RSUs).

About us

Asana helps teams orchestrate their work, from small projects to strategic initiatives. Millions of teams around the world rely on Asana to achieve their most important goals faster. Asana has been named a Top 10 Best Workplace for 5 years in a row, is Fortune's #1 Best Workplace in the Bay Area, and one of Glassdoor’s and Inc.’s Best Places to Work. After spending more than a year physically distanced, Team Asana is safely and mindfully returning to in‑person collaboration, incorporating flexibility that adds hybrid elements to our office‑centric culture. With 11+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world.

We believe in supporting people to do their best work and thrive. Our goal is to ensure that Asana upholds an environment where all people feel that they are respected and valued, whether they are applying for an open position or working at the company. We provide equal employment opportunities to all applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by law. We also comply with the San Francisco Fair Chance Ordinance and similar laws in other locations.

#appsec #securityengineer #LI-Hybrid

#J-18808-Ljbffr