Senior Security Engineer

Senior Security Engineer at ClickUp

ClickUp is a breakout leader across every G2 category we participate in and is positioned for rapid growth. Our platform is designed to serve everyone, from families to Fortune 500 enterprises.

We are hiring a Senior Security Engineer to join a newly formed, engineering-driven security team. This team partners closely with and embeds within existing engineering groups at ClickUp. Our security organization focuses on developing and sharing technology such as defensive security capabilities, secure infrastructure and operational tooling, incident response tools and processes, as well as security standards and guardrails.

In this role, you will help foster a culture centered on security enablement. By working closely with product engineers, you will support the development and release of secure applications built with Angular, Node.js, and PostgreSQL, hosted on AWS.

You will act as a strategic partner to multiple engineering teams, contributing to the design, development, and implementation of secure solutions. As we continue to scale, we are seeking Security Engineers who are excited to take on this challenge.

The Role:

Perform some or all of the following, based on experience and skill set:

• Design and implement security features and protective measures that safeguard the full ClickUp platform.
• Conduct threat modeling, security testing, and implementation reviews; evaluate requirements and architectural designs.
• Develop tools that support prevention, detection, and response efforts across the entire SDLC—from code and testing through deployment and operations.
• Integrate with engineering and product teams, serving as a “security player-coach.”
• Create and enhance security automation within the ClickUp platform; build secure-by-default infrastructure and application patterns.
• Monitor and assess production security events and provide detailed incident analysis when required.
• Collaborate with engineers, product managers, data engineers, operators, and fellow security team members to help deliver a secure product.

Qualifications:

• Several years of experience in technology or software engineering.
• Experience with Angular, Node.js, and PostgreSQL, or comparable technologies.
• Ability to recognize and provide initial assessments of security risks.
• Solid understanding of common security challenges and the ability to recommend secure design solutions.
• Experience working in cloud and SaaS environments.
• Ability to mentor team members on technical subjects, including security topics.

Preferred:

• Experience leading technical initiatives, including team, project, or indirect technology leadership.
• Skilled at facilitating collaborative discussions rather than directing them.
• 5+ years of software development experience, including at least 1 year focused on security.
• Familiarity with security tooling such as SAST, DAST, RASP, dependency scanning tools, and SIEM platforms.
• At least 2 years of experience with AWS, including IAM and least-privilege design principles.

If you don’t meet every listed qualification but are enthusiastic about the opportunity, we still encourage you to apply. We value ambition, determination, and a genuine interest in improving how people work. If ClickUp feels like the right fit for you, we welcome your application.

At ClickUp, we evaluate every candidate based on the impact they can make. We hire exceptional people and support each individual in building their boldest career.

Key skills/competency

• Application Security
• Threat Modeling
• Security Testing
• SDLC Security
• Cloud Security
• AWS IAM
• Secure Design
• Security Automation
• Incident Response
• SAST/DAST