Security Engineer, Threat Response

Описание вакансии

At Asana, security is foundational to our mission of helping humanity thrive by enabling the world’s teams to work together effortlessly. Our security team protects Asana’s employees, users, and customers by proactively addressing threats and fostering a culture of security throughout our product and operations.

We’re looking for a Security Operations Engineer to join our Security blue team in Warsaw. You’ll be a foundational member of the security presence in a key engineering hub, partnering directly with IT, infrastructure, and product teams to ensure we have robust detection, response, and vulnerability management capabilities. You will be instrumental in scaling our security practices by building effective monitoring, automating repetitive security operations tasks, and championing a security-first mindset.

This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday.

We offer a Contract of Employment (UoP) for our employees in Poland

What you’ll achieve:

• Lead security incident detection, analysis, and response efforts, ensuring timely and effective remediation of security incidents.
• Manage and mature our vulnerability management program, including scanning, assessment, prioritization, and tracking remediation efforts.
• Utilize and optimize security tools such as Panther for SIEM, CrowdStrike for endpoint detection and response, and other security platforms.
• Develop, implement, and maintain security playbooks and automation scripts to streamline security operations and reduce manual toil.
• Monitor security alerts and threat intelligence feeds, proactively identifying and addressing emerging threats.
• Conduct forensic analysis during security incidents to understand the scope and impact of incidents.
• Collaborate with engineering teams to integrate security best practices into development processes and provide guidance on secure configurations.
• Develop and deliver training to educate engineers on security operations, incident response, and vulnerability remediation best practices.
• Stay informed of industry trends, emerging threats, and best practices in security operations, detection, and response to ensure Asana’s security posture remains robust.
• Collaborate with teammates and stakeholders to develop both short-term and long-term strategies for risk management.
• Join a collaborative Security team composed of specialists in product, application, software engineering, infrastructure, and detection and response, all working together to help engineering teams design and ship secure software.

About you:

• 6+ years of experience in security operations, incident response, threat detection, or vulnerability management.
• Strong experience with SIEM platforms (e.g., Panther, Splunk, Elastic Security) for log analysis, alert correlation, and dashboard creation.
• Deep working knowledge of endpoint detection and response (EDR) tools (e.g., CrowdStrike, SentinelOne) and their capabilities.
• Proven experience in developing and implementing security automation using scripting languages (e.g., Python, PowerShell) or orchestration tools.
• Experience performing security incident investigations and forensic analysis.
• Familiarity with common attack techniques, tactics, and procedures (TTPs) and frameworks like MITRE ATT&CK.
• Excelling communication skills for collaborating effectively with both technical and non-technical partners.
• A pragmatic and collaborative mindset, with a passion for building robust defenses and enabling other engineers to do their best, most secure work.
• Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.

What we offer:

• Generous, transparent and fair compensation system (base salary and generous Restricted Stock Unit for Asana Inc.)
• Contract of Employment (with 50% tax deductible costs for author’s rights usage for Engineers)
• Health insurance with dental and travel coverage (Lux Med)
• Lunch catering on the days that you work from the office
• Career growth budget
• Home office setup budget
• Gym/Fitness reimbursement
• Fertility healthcare and family-forming support with Carrot
• Mental health support in Modern Health
• Group life insurance
• MacBooks with all necessary accessories

For this role, the estimated base salary range is between 25,604  - 35,854 PLN gross monthly on the contract of employment (UoP). The actual base salary will vary based on various factors and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base compensation range for this role may be modified.

Our total compensation consists of base salary and equity (RSUs).

#LI-Hybrid #appsec #securityengineer

About us

Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster. Asana has been named to Fortune's Best Workplaces for 7+ years and recognized by Fast Company, Forbes, and Gartner for excellence in workplace culture and innovation. We offer an exceptional office-centric culture while adopting the best elements of hybrid models to ensure that every one of our global team members can work together effortlessly. With 13+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world and a culture where everyone feels that they belong.

Join Asana’s Talent Network to stay up to date on job opportunities and life at Asana.