Senior Security Engineer

Mattermost is the secure collaboration platform trusted by Global organizations. Our platform runs on-premises, cloud, and in air-gapped environments, enabling mission-critical workflows from the tactical edge to the enterprise HQ, where data sovereignty and operational security are non-negotiable.

We are hiring a Senior Security Engineer to protect the people, infrastructure, and tooling that goes into building and hosting Mattermost. This is a hands-on, high-impact role at the intersection of enterprise security engineering, cloud information security, and AI-enabled threat response.

Why Join Mattermost

•   Fully remote, globally distributed team | no commute, genuine flexibility
•   Be a key voice in shaping and delivering security strategy
•   Competitive salary, equity, and benefits with meaningful work attached

The Role

As a Senior Security Engineer, you will lead the design and implementation of security tooling, harden our cloud and IT infrastructure, and serve as a key responder to incidents. You will work across a globally distributed team and partner closely with Engineering to manage AI-enabled risk.

Key Responsibilities

• Lead security and IT projects to enhance the security posture of infrastructure and the company
• Detect, investigate, and remediate security incidents using SIEM, EDR, and SOAR tooling (e.g. CrowdStrike, SentinelOne)
• Conduct threat hunting across cloud and endpoint environments using a Zero Trust framework
• Administer company-wide IAM and security monitoring infrastructure
• Contribute to security policies, incident response, forensics, and endpoint management programmes
• Partner with Engineering to assess and mitigate risks from AI-enabled tools and workflows
• Explore and implement AI/automation in detection, analysis, and response pipelines
• Engage closely with North American and international staff across time zones

Required Background & Skills

•   Bachelor’s degree in Computer Science or a related field, or significant professional security experience
•   3+ years of hands-on experience in security engineering and incident response
•   Experience with SIEM platforms and security monitoring systems
•   Experience with EDR tools such as CrowdStrike or SentinelOne
•   Knowledge of SOAR platforms and automation of security workflows
•   Familiarity with Zero Trust architecture principles and threat hunting methodologies
•   Experience with cloud security controls across AWS, GCP, and/or Azure
•   Strong knowledge of Linux systems and Kubernetes/Docker environments
•   Experience with IAM solutions and infrastructure automation
•   Practical experience evaluating security implications of AI systems and AI-assisted workflows
•   Experience managing security of Microsoft 365 and Google Workspace tenants
•   Excellent written and verbal communication skills

Preferred Background & Skills

• Experience with certification processes: SOC2, ISO 27001, FedRAMP, or Cyber Essentials Plus 
• Certifications: OSCP, GCIH, GCFA, or equivalent penetration testing / incident response credentials
• Experience in Go or Python
• Background in open-source communities
• Endpoint security management experience in a fully remote organisation

Export Control & Eligibility

This role may involve access to information subject to U.S. export control regulations (EAR/ITAR). Applicants should be aware that eligibility requirements may apply. We encourage candidates with questions about this to reach out. Many UK-based security professionals with defence backgrounds will qualify. We are happy to discuss your specific situation.

Mattermost takes a market-based approach to pay and pay may vary depending on your location. The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.

 

Mattermost is the secure collaboration platform trusted by Global organizations. Our platform runs on-premises, cloud, and in air-gapped environments, enabling mission-critical workflows from the tactical edge to the enterprise HQ, where data sovereignty and operational security are non-negotiable.

We are hiring a Senior Security Engineer to protect the people, infrastructure, and tooling that goes into building and hosting Mattermost. This is a hands-on, high-impact role at the intersection of enterprise security engineering, cloud information security, and AI-enabled threat response.

Why Join Mattermost

•   Fully remote, globally distributed team | no commute, genuine flexibility
•   Be a key voice in shaping and delivering security strategy
•   Competitive salary, equity, and benefits with meaningful work attached

The Role

As a Senior Security Engineer, you will lead the design and implementation of security tooling, harden our cloud and IT infrastructure, and serve as a key responder to incidents. You will work across a globally distributed team and partner closely with Engineering to manage AI-enabled risk.

Key Responsibilities

• Lead security and IT projects to enhance the security posture of infrastructure and the company
• Detect, investigate, and remediate security incidents using SIEM, EDR, and SOAR tooling (e.g. CrowdStrike, SentinelOne)
• Conduct threat hunting across cloud and endpoint environments using a Zero Trust framework
• Administer company-wide IAM and security monitoring infrastructure
• Contribute to security policies, incident response, forensics, and endpoint management programmes
• Partner with Engineering to assess and mitigate risks from AI-enabled tools and workflows
• Explore and implement AI/automation in detection, analysis, and response pipelines
• Engage closely with North American and international staff across time zones

Required Background & Skills

•   Bachelor’s degree in Computer Science or a related field, or significant professional security experience
•   3+ years of hands-on experience in security engineering and incident response
•   Experience with SIEM platforms and security monitoring systems
•   Experience with EDR tools such as CrowdStrike or SentinelOne
•   Knowledge of SOAR platforms and automation of security workflows
•   Familiarity with Zero Trust architecture principles and threat hunting methodologies
•   Experience with cloud security controls across AWS, GCP, and/or Azure
•   Strong knowledge of Linux systems and Kubernetes/Docker environments
•   Experience with IAM solutions and infrastructure automation
•   Practical experience evaluating security implications of AI systems and AI-assisted workflows
•   Experience managing security of Microsoft 365 and Google Workspace tenants
•   Excellent written and verbal communication skills

Preferred Background & Skills

• Experience with certification processes: SOC2, ISO 27001, FedRAMP, or Cyber Essentials Plus 
• Certifications: OSCP, GCIH, GCFA, or equivalent penetration testing / incident response credentials
• Experience in Go or Python
• Background in open-source communities
• Endpoint security management experience in a fully remote organisation

Export Control & Eligibility

This role may involve access to information subject to U.S. export control regulations (EAR/ITAR). Applicants should be aware that eligibility requirements may apply. We encourage candidates with questions about this to reach out. Many UK-based security professionals with defence backgrounds will qualify. We are happy to discuss your specific situation.

Mattermost takes a market-based approach to pay and pay may vary depending on your location. The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.