At ClickUp, we’re not just building software. We’re architecting the future of work! In a world overwhelmed by work sprawl, we saw a better way. That’s why we created the first truly converged AI workspace, unifying tasks, docs, chat, calendar, and enterprise search, all supercharged by context-driven AI, empowering millions of teams to break free from silos, reclaim their time, and unlock new levels of productivity. At ClickUp, you’ll have the opportunity to learn, use, and pioneer AI in ways that shape not only our product, but the future of work itself. Join us and be part of a bold, innovative team that’s redefining what’s possible! 🚀
ClickUp is the breakout momentum leader in every G2 category we're in and ready to take off! Our app is the first of its kind to work for everyone from families to Fortune 500 companies.
We're looking for a Security Engineer, AppSec for a brand-new, engineering-focused security team. We partner with and embed inside of existing engineering teams at ClickUp. The security team at ClickUp works to build and share technology including defensive security features and functionality, secure infrastructure and operational tools, security response tooling and processes, and security guidelines and guardrails.
You will work to build a culture of security enablement. Your focus on our product engineers will allow them to build and ship secure products based on Angular, Node.js, and PostgresSQL, all hosted in AWS.
You'll be a strategic partner working directly with various engineering teams helping to design, develop and guide teams to secure solutions. We're scaling quickly, and are looking for Security Engineers who aren't afraid of this challenge!
The Role:
Perform some or all of the following, depending on skill-set:
Design, develop and build security features and defenses that protect the entire scope of the ClickUp platform.
Perform threat models, implementation reviews, and security testing; review requirements and designs.
Design and build tools to help with all stages in security prevention, detection, and response; across the full SDLC from code and test, through to deploy and operate.
Embed yourself into existing engineering and product teams, acting as a "security player-coach".
Build security automation for and into the ClickUp platform; design and build secure-by-default infrastructure and applications.
Monitor and analyze production security events and, as needed, provide in-depth incident analysis.
Build relationships with other engineers, product managers, data engineers, operators, and security team members to enable shipping a secure product.
Qualifications:
Multiple years of experience in technology / software development.
Experience with Angular, Node.js, and PostgresSQL; or similar technologies.
An ability to identify and provide a basic assessment of security threats.
An understanding of security problems, paired with an ability to suggest solutions to software design problems.
Cloud and SaaS experience.
Ability to mentor others on technical topics, including security.
Desirable:
Past experience with pushing technical initiatives; team, project, or indirect management of technology.
Can facilitate a conversation rather than dictate it.
5+ years of software development experience and 1+ year of security-specific experience.
Experience with security tools; SAST, DAST, RASP, dependency checkers, SIEM.
2 years of AWS experience; IAM and least-privilege architectures.
If you are a software engineer who is only starting on learning security, please do apply!
Unsure if you meet all the qualifications of this job description but are deeply excited about the role? We hire based on ambition, grit, and a passion for improving the way people work. If you think ClickUp is the company for you, we encourage you to apply!
At ClickUp, we assess every candidate based on the potential impact they can have. We hire the best people for the job and support each person’s journey to build their boldest career.
Equal Opportunity Employer
ClickUp is an Equal Opportunity Employer, and qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
Privacy Notice
ClickUp collects and processes personal data in accordance with applicable data protection laws.
If you are a European Job Applicant, see our privacy policy for further details.
If you are a Philippine Job Applicant, see our privacy policy and our Philippine Data Privacy Notice for further details.
Visa Sponsorship
Please note we are unable to sponsor or take over sponsorship of an employment visa for roles outside of engineering and product at this time. Sponsorship for engineering and product roles is not guaranteed, but is instead based on the business needs for that specific role at that time. Please reach out to the recruiter with any questions.
Fraud Alert
ClickUp Talent Acquisition will only initiate contact via an @clickup.com email or through our official careers portal on clickup.com. We will never request fees, payments, or sensitive personal information. Please disregard any offers received outside these channels and report them to [email protected].
Top Skills
Similar Jobs
What you need to know about the Colorado Tech Scene
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
