Principal Security Engineer

<p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">The Security team ensures that our users, employees, and platform are protected from malicious activity and accidental data exposure. We build secure-by-default systems, frameworks, and tooling that enable engineering teams to ship fast without compromising trust. Our focus includes least-privilege access, scalable detection and alerting, automation to eliminate entire classes of risk, and security that grows with the business.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">We are seeking a Principal Security Engineer to provide technical leadership and execution across a complex, global, high-growth SaaS environment. This is a senior individual contributor role reporting to the Head of Security, with accountability for defining security architecture, setting technical direction, and driving cross-company alignment between Security, Engineering, Product, and Executive leadership.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">You are both a strategist and a builder: setting long-term vision while remaining deeply hands-on with system design, security architecture, and critical incidents.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">This role is based in our San Francisco office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work you do and the teams with which you partner. If you're interviewing for this role, your recruiter will share more about the in-office requirements.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>What you’ll achieve:</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Define and deliver the Security Engineering technical strategy and multi-year roadmap aligned with Asana’s product, platform, and business priorities.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Raise the technical bar across security engineering through design and risk reviews, hands-on mentorship, and clear standards.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Partner with senior leaders across Engineering, Product, and Infrastructure to improve Asana’s overall security posture.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Develop security policies, processes, and procedures that scale with a growing, global engineering organization.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Help grow the security engineering team through recruiting and interviewing.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Stay ahead of the threat landscape and support teams building new features and technologies to ensure they are secure by design.</span></li> </ul> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>About you:</strong></span></p> <ul> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">10+ years in a security-related engineering role, with 3+ years in a staff or principal-level role.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Experience as a technical lead across multiple teams, influencing direction beyond direct ownership.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Strong software engineering background, with the ability to engage deeply in system design, security architecture, and complex technical trade-offs.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Deep understanding of application and platform risks (e.g., OWASP Top 10), identity and access controls (OAuth, OIDC, SAML), and modern attack patterns.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Significant, hands-on experience securing cloud environments at scale, especially AWS.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">You excel at evaluating security trade-offs, making pragmatic, risk-informed decisions, and communicating those decisions clearly to technical and non-technical stakeholders.</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Demonstrated curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making</span></li> </ul> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">At Asana, we're committed to building teams that include a variety of backgrounds, perspectives, and skills, as this is critical to helping us achieve our mission. If you're interested in this role and don't meet every listed requirement, we still encourage you to apply.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><strong>What we’ll offer</strong></span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Our comprehensive compensation package plays a big part in how we recognize you for the impact you have on our path to achieving our mission. We believe that compensation should be reflective of the value you create relative to the market value of your role. To ensure pay is fair and not impacted by biases, we're committed to looking at market value which is why we check ourselves and conduct a yearly pay equity audit.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">For this role, the estimated base salary range is between $336,000 - $395,000. The actual base salary will vary based on various factors, including market and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base salary range for this role may be modified.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">In addition to base salary, your compensation package may include additional components such as equity, sales incentive pay (for most sales roles), and benefits. If you're interviewing for this role, speak with your Talent Acquisition Partner to learn more about the total compensation and benefits for this role.</span></p> <p><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">We strive to provide equitable and competitive benefits packages that support our employees worldwide and include:</span></p> <ul> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Mental health, wellness &amp; fitness benefits</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Career coaching &amp; support</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Inclusive family building benefits</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">Long-term savings or retirement plans</span></li> <li style="font-family: arial, helvetica, sans-serif; font-size: 10pt;"><span style="font-family: arial, helvetica, sans-serif; font-size: 10pt;">In-office cul