Principal Risk Engineer
About The Position
GoDaddy’s Information Security Org is looking for a Principal Security Engineer to join our organization. This role involves tackling large-scale and cross-company security challenges while maintaining strong partnerships with development and operational communities. Security Engineers at GoDaddy apply their strong hands-on technical expertise to craft scalable solutions for complex problems. Key activities include communicating with GoDaddy Engineering teams, performing security assessments, prioritizing security risks, and designing solutions. The team implements high-quality security engineering solutions. Expertise in the secure design and verification of architecture for cloud-based web services is a must-have for this role.
Requirements
- 7+ years of professional experience in security engineering, working across multiple domains such as security architecture, cryptography, network security, cloud security, mobile security, and web security
- Experience leading or contributing to threat modeling activities
- Experience partnering with product development teams throughout the software development lifecycle using secure-by-design principles
- Experience reviewing and handling security exceptions, risk acceptances, and compensating controls
- Knowledge of security risks introduced by artificial intelligence and machine learning systems, generative artificial intelligence tools, and automated decision-making platforms
- Broad understanding of cybersecurity domains including network security, application security, cloud security, identity and access management, data protection, vulnerability management, security operations, and infrastructure security
- Experience applying security engineering practices that align with security and privacy compliance requirements
- Knowledge of security frameworks and standards such as National Institute of Standards and Technology, International Organization for Standardization 27001, Center for Internet Security Controls, and Factor Analysis of Information Risk
- Ability to analyze complex technical environments and make practical, balanced risk decisions
Nice To Haves
- Industry-recognized security certifications such as Certified Information Systems Security Professional, Global Information Assurance Certification, Offensive Security certifications, or similar credentials
- Working knowledge of machine learning and artificial intelligence systems
- Software development experience in one or more programming languages
Responsibilities
- Lead cybersecurity risk assessments for applications, infrastructure, cloud services, and third-party solutions
- Evaluate security exceptions, risk acceptances, and compensating controls using a risk-based approach
- Partner with cross-functional teams to identify risks and define practical mitigations
- Assess security implications of emerging technologies, including artificial intelligence and machine learning
- Communicate technical risks and recommendations to technical and non-technical stakeholders
- Strengthen standards, governance processes, and secure-by-design practices across the organization
Benefits
- paid time off
- retirement savings (e.g., 401k, pension schemes)
- bonus/incentive eligibility
- equity grants
- participation in our employee stock purchase plan
- competitive health benefits
- parental leave
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Principal
Education Level
No Education Listed
