Principal Risk Engineer

Location Details: 

At GoDaddy the future of work looks different for each team. Some teams work in the office full-time, others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely.

This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings.  

This position is not eligible to be performed in Alaska, Mississippi, North Dakota, or the Virgin Islands.

GoDaddy is not currently considering candidates for this role in California, Seattle, or NYC.

Join Our Team

GoDaddy’s Information Security Org is looking for a Principal Security Engineer to join our organization. Do you want to be an Information Security Lead at GoDaddy? We work out large-scale and cross-company security challenges while ensuring that partnership with the development and operational communities remains front of mind. At GoDaddy, Security Engineers apply their strong hands-on technical to craft scalable solutions for multiplex problems. You must communicate with GoDaddy Engineering teams, be performing security assessments, prioritize security risks, and design. We as a team implement high-quality security engineering solutions.

Expertise in the secure design and verification of architecture for cloud-based web services is a must-have for this role.

What you'll get to do...

• Lead cybersecurity risk assessments for applications, infrastructure, cloud services, and third-party solutions
• Evaluate security exceptions, risk acceptances, and compensating controls using a risk-based approach
• Partner with cross-functional teams to identify risks and define practical mitigations
• Assess security implications of emerging technologies, including artificial intelligence and machine learning
• Communicate technical risks and recommendations to technical and non-technical stakeholders
• Strengthen standards, governance processes, and secure-by-design practices across the organization

Your experience should include...

• 7+ years of professional experience in security engineering, working across multiple domains such as security architecture, cryptography, network security, cloud security, mobile security, and web security
• Experience leading or contributing to threat modeling activities
• Experience partnering with product development teams throughout the software development lifecycle using secure-by-design principles
• Experience reviewing and handling security exceptions, risk acceptances, and compensating controls
• Knowledge of security risks introduced by artificial intelligence and machine learning systems, generative artificial intelligence tools, and automated decision-making platforms
• Broad understanding of cybersecurity domains including network security, application security, cloud security, identity and access management, data protection, vulnerability management, security operations, and infrastructure security
• Experience applying security engineering practices that align with security and privacy compliance requirements
• Knowledge of security frameworks and standards such as National Institute of Standards and Technology, International Organization for Standardization 27001, Center for Internet Security Controls, and Factor Analysis of Information Risk
• Ability to analyze complex technical environments and make practical, balanced risk decisions

You might also have...

• Industry-recognized security certifications such as Certified Information Systems Security Professional, Global Information Assurance Certification, Offensive Security certifications, or similar credentials
• Working knowledge of machine learning and artificial intelligence systems
• Software development experience in one or more programming languages

We encourage you to apply even if your experience or skillset doesn’t align perfectly with every requirement. We value a wide range of backgrounds and transferable skills, and we are excited to support learning and growth.

About us...  GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us. 

At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that’s not enough to build true equity and belonging in our communities. That’s why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day—focusing not only on our employee experience, but also our customer experience and operations. It’s the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page.

We also embrace our diverse culture and offer a range of Employee Resource Groups (Culture). Have a side hustle? No problem. We love entrepreneurs! Most importantly, come as you are and make your own way. 

GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy.

Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to [email protected]. 

Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.

GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies.