Senior Security Engineer

Location Details: Remote, India

At GoDaddy the future of work looks different for each team. Some teams work in the office full-time; others have a hybrid arrangement (they work remotely some days and in the office some days) and some work entirely remotely.

This is a remote position, so you’ll be working remotely from your home. You may occasionally visit a GoDaddy office to meet with your team for events or meetings 

Join Our Team...
GoDaddy’s Vulnerability Management team, part of the Information Security organization, is responsible for maintaining strong security hygiene and driving high-impact initiatives that improve transparency and strengthen our overall security posture
We are looking for a Vulnerability Management Engineer to develop the architecture and capability roadmap that supports the strategic goals of GoDaddy Global Security. In this role, you will work closely with cross-functional teams to identify vulnerabilities across our global infrastructure, assist in remediation efforts, support internal stakeholders, and help secure GoDaddy’s expanding attack surface as the company continues to grow

What you'll get to do...

• Craft and implement security solutions to identify risks, build capability roadmaps, and secure GoDaddy’s infrastructure—both cloud and on-prem—through vulnerability scanning, perimeter validation, and remediation support
• Conduct detailed vulnerability assessments, impact analysis, and perimeter scanning using tools like Tenable and Qualys; validate results and provide actionable recommendations and mitigation plans
• Monitor and report data for the Vulnerability Management Program from internal and external sources
• Collaborate with compliance teams to ensure appropriate scanning, testing, reporting, and mitigation efforts meet compliance standards, while also supporting validation of false positives and user remediation efforts
• Drive process maturity and automation by developing policies, tools, practices, and partnerships to enhance security operations and improve efficiency and throughput
• Provide leadership and mentorship to team members while maintaining updated knowledge on evolving threat landscapes, attacker techniques, and effective countermeasures

Your experience should include...

• 6+ years of experience in vulnerability management within mid-to-large IT organizations, especially in cloud environments; proven track record in security risk assessments, web and network vulnerability scanning, reporting, and threat modeling
• Strong hands-on experience with AWS Cloud security, including defining and implementing security controls; In-depth knowledge of desktop and server OS like RedHat/CentOS Linux and Windows Server
• Conducting detailed vulnerability assessments, impact analysis, perimeter scanning using tools like Tenable and Qualys, and identifying and remediating zero-day vulnerabilities and other critical risks
• Experience crafting automated security solutions using scripting or programming languages such as Python, Shell/BASH, Ruby, Java, C/C++, Perl.
• Ability to craft and implement security solutions, identify risks, and build capability roadmaps
• Proficient in tracking/reporting key vulnerability management metrics, monitoring threats, collaborating with compliance teams for scanning/testing/reporting, supporting user remediation and false positives; skilled in tools like Microsoft Office Suite, Jira, ServiceNow

You might also have...

• Bachelor’s Degree in a relevant field or equivalent work experience
• Expert in designing and implementing vulnerability management controls aligned with major security standards (CIS, PCI-DSS, NIST, ISO 27001)
• Familiarity with CVSS, CWE, and vulnerability scoring methodologies
• Experience with Tanium and BurpSuite tools
• Hands-on experience in penetration testing
• AI-related security experience or knowledge

We've got your back...  We offer a range of total rewards that may include paid time off, retirement savings (e.g., 401k, pension schemes), bonus/incentive eligibility, equity grants, participation in our employee stock purchase plan, competitive health benefits, and other family-friendly benefits including parental leave. GoDaddy’s benefits vary based on individual role and location and can be reviewed in more detail during the interview process.

We also embrace our diverse culture and offer a range of Employee Resource Groups (Culture). Have a side hustle? No problem. We love entrepreneurs! Most importantly, come as you are and make your own way

About us...  GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online, making opportunity more inclusive for all. GoDaddy is the place people come to name their idea, build a professional website, attract customers, sell their products and services, and manage their work. Our mission is to give our customers the tools, insights, and people to transform their ideas and personal initiative into success. To learn more about the company, visit About Us

At GoDaddy, we know diverse teams build better products—period. Our people and culture reflect and celebrate that sense of diversity and inclusion in ideas, experiences and perspectives. But we also know that’s not enough to build true equity and belonging in our communities. That’s why we prioritize integrating diversity, equity, inclusion and belonging principles into the core of how we work every day—focusing not only on our employee experience, but also our customer experience and operations. It’s the best way to serve our mission of empowering entrepreneurs everywhere, and making opportunity more inclusive for all. To read more about these commitments, as well as our representation and pay equity data, check out our Diversity and Pay Parity annual report which can be found on our Diversity Careers page

GoDaddy is proud to be an equal opportunity employer. GoDaddy will consider for employment qualified applicants with criminal histories in a manner consistent with local and federal requirements. Refer to our full EEO policy

Our recruiting team is available to assist you in completing your application. If they could be helpful, please reach out to myrecruiter@godaddy.com

GoDaddy doesn’t accept unsolicited resumes from recruiters or employment agencies