Security Testing Engineer - Penetration Tester

The Security Testing teams mission is to partner with Atlassian internal teams globally to provide innovative and holistic security testing to secure Atlassian products, platforms and customers. This role supports Atlassian s security team, Engineers and Customers by performing high quality penetration testing on our software, platforms and services. This role supports Atlassian s security team, Engineers and Customers by providing world class technical assurance of our software, platforms and services through high quality manual penetration testing and code review. Working at Atlassian Atlassians can choose where they work - whether in an office, from home, or a combination of the two. That way, Atlassians have more control over supporting their family, personal goals, and other priorities. We can hire people in any country where we have a legal entity. Interviews and onboarding are conducted virtually, a part of being a distributed-first company. ","responsibilities":" You will support others in technically validating the state of Atlassian s technical security controls, working closely with both our security and engineering teams. You enjoy vulnerability hunting and get excited when you find vulnerabilities that typical automated toolsets can t. You must have a strong ability to work with colleagues to understand our products and then come up with ways to strengthen security. Since we work closely with our product engineering teams, the ability to read and understand code is very important. Our products are built using a number of different languages but Java, Go, and Python are the most common. ","qualifications":" On your first day, well expect you to have: 3+ years working in a penetration testing/appsec/manual code review role Strong understanding of web application security Experience in cloud security architecture and infrastructure Experience coding in Java, Python, or Go, and at least one scripting language An ability to reason about security decisions Experience leading projects from start to finish and mentoring other security practitioners Strong collaboration and communication skills when working with closely with deeply technical development and infrastructure teams Its great, but not required, if you have: Submitted bug bounty reports to third party companies Published contributions to the security community Certifications: OSCP, OSCE, OSWE, CREST CRT, GPEN CVE s to your name Presentation experience at industry events Developed security tools Experience working with compliance, privacy, IT, networking or related functions Benefits & Perks Atlassian offers a wide range of perks and benefits designed to support you, your family and to help you engage with your local community. Our offerings include health and wellbeing resources, paid volunteer days, and so much more. To learn more, visit