Companies Asana Security Engineer, Threat Response

About the role

Asana · Hybrid

At Asana, security is foundational to our mission of helping humanity thrive by enabling the world's teams to work together effortlessly. Our security team protects Asana's employees, users, and customers by proactively addressing threats and fostering a culture of security throughout our product and operations.

We are looking for a Security Engineer, Threat Response to join our Security blue team in New York City. You'll be a foundational member of the security presence in a key hub, partnering directly with IT, infrastructure, and product teams to ensure we have robust detection, response, and vulnerability management capabilities. You will be instrumental in scaling our security practices by building effective monitoring, automating repetitive security operations tasks, and championing a security-first mindset.

This role sits within the Security Threat Operations and Response Management (STORM) group, responsible for the security of Asana the company and the security of the product — ensuring we maintain customer trust and are able to grow sustainably. You will collaborate with teams across the company including Infrastructure, Customer Success, Legal, IT, and other key stakeholders to drive better incident response outcomes.

This role is based in our New York City or San Francisco office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work you do and the teams with which you partner. If you're interviewing for this role, your recruiter will share more about the in-office requirements.

What you’ll achieve

  • Lead security incident detection, analysis, and response efforts, ensuring timely and effective remediation of security incidents.
  • Actively participate in and lead the on-call rotation, setting the standard for security incident management across the team.
  • Manage and mature our vulnerability management program, including scanning, assessment, prioritization, and tracking remediation efforts.
  • Utilize and optimize security tools such as Panther for SIEM, CrowdStrike for endpoint detection and response, and other security platforms.
  • Develop, implement, and maintain security playbooks and automation scripts to streamline security operations and reduce manual toil.
  • Monitor security alerts and threat intelligence feeds, proactively identifying and addressing emerging threats.
  • Conduct forensic analysis during security incidents to understand the scope and impact of incidents.
  • Lead retrospectives to help raise engineering excellence and embed a continuous improvement culture across the team.
  • Drive incident management and incident response best practices across the company, mentoring fellow engineers through pairing, process definition, and training exercises.
  • Participate in and help lead tabletop exercises to ensure different stakeholders are thinking about and preparing for incidents across the company.
  • Collaborate with engineering teams to integrate security best practices into development processes and provide guidance on secure configurations.
  • Stay informed of industry trends, emerging threats, and best practices in security operations, detection, and response to ensure Asana's security posture remains robust.
  • Collaborate with teammates and stakeholders to develop both short-term and long-term strategies for risk management.

About you

  • 5+ years of experience in security operations, incident response, threat detection, or vulnerability management.
  • Strong experience with SIEM platforms (e.g., Panther, Splunk, Elastic Security) for log analysis, alert correlation, and dashboard creation.
  • Deep working knowledge of endpoint detection and response (EDR) tools (e.g., CrowdStrike, SentinelOne) and their capabilities.
  • Proven experience in developing and implementing security automation using scripting languages (e.g., Python, PowerShell) or orchestration tools.
  • Experience performing security incident investigations and forensic analysis.
  • Familiarity with common attack techniques, tactics, and procedures (TTPs) and frameworks like MITRE ATT&CK.
  • Hands-on technical expertise in at least two of the following areas: Cloud Security, Detection & Response, Digital Forensics, Network Security, Abuse, or Fraud.
  • Experience working in environments composed primarily of SaaS and cloud resources.
  • Track record of successfully leading incident response projects and mentoring engineers on security operations.
  • Experience making technical trade-offs and articulating them clearly to stakeholders at different levels, both internal and external.

Communication & Mindset

  • Excellent communication skills, able to explain complex technical concepts clearly to both technical and non-technical partners.
  • Customer-obsessed mindset with a drive to deliver the best possible experience and outcomes for Asana's customers and users.
  • A pragmatic and collaborative mindset, with a passion for building robust defences and enabling other engineers to do their best, most secure work.
  • Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.

Additional Experience We Value

  • Hands-on experience with logging and monitoring tools such as Datadog, Splunk, and Panther.
  • Hands-on experience with AWS, Google Workspace, and common SaaS applications.
  • Experience with macOS endpoint security, including investigation workflows and EDR capabilities on Apple platforms.
  • Experience with bug bounty programs.
  • Experience with red team/blue team or purple team exercises.

Nice to have: Familiarity with FedRAMP requirements, particularly around incident reporting obligations, continuous monitoring, and evidence collection standards for FedRAMP-authorised environments.

What we'll offer

Our comprehensive compensation package plays a big part in how we recognize you for the impact you have on our path to achieving our mission. We believe that compensation should be reflective of the value you create relative to the market value of your role. To ensure pay is fair and not impacted by biases, we're committed to looking at market value, which is why we check ourselves and conduct a yearly pay equity audit.

For this role, the estimated base salary range is between $202,000 – $230,000. The actual base salary will vary based on various factors, including market and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base salary range for this role may be modified.

In addition to base salary, your compensation package may include additional components such as equity, and benefits. If you're interviewing for this role, speak with your Talent Acquisition Partner to learn more about the total compensation and benefits for this role.

We strive to provide equitable and competitive benefits packages that support our employees worldwide and include:

  • Mental health, wellness & fitness benefits
  • Career coaching & support
  • Inclusive family building benefits
  • Long-term savings or retirement plans
  • In-office culinary options to cater to your dietary preferences

These are just some of the benefits we offer, and benefits may vary based on role, country, and local regulations. If you're interviewing for this role, speak with your Talent Acquisition Partner to learn more about the total compensation and benefits for this role.

About us

Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster. Asana has been named to Fortune's Best Workplaces for 7+ years and recognized by Fast Company, Forbes, and Gartner for excellence in workplace culture and innovation. We offer an exceptional office-centric culture while adopting the best elements of hybrid models to ensure that every one of our global team members can work together effortlessly. With 13+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world and a culture where everyone feels that they belong.

Join Asana’s Talent Network to stay up to date on job opportunities and life at Asana.

Ready to apply to Asana?
Apply to Asana

Similar jobs

Asana
Security Engineer, Threat Response
Asana
⚡ Apply early San Francisco Hybrid $202,000–$230,000
● New 👁 Seen ✓ Applied 5h ago
MongoDB
Security Software Engineer, Infrastructure Security (Staff or Senior)
MongoDB
⚡ Apply early Dublin; Ireland Onsite
● New 👁 Seen ✓ Applied 13h ago
MongoDB
Security Software Engineer, Infrastructure Security (Staff or Senior)
MongoDB
⚡ Apply early Austin; New York City; San Fra... Onsite $127,000–$249,000
● New 👁 Seen ✓ Applied 13h ago
MongoDB
Senior Software Engineer, Server Security
MongoDB
⚡ Apply early New York City Onsite $126,000–$248,000
● New 👁 Seen ✓ Applied 13h ago
Crosby
Member of Technical Staff, Security Engineer
Crosby
⚡ Apply early New York City Onsite $200,000–$300,000
● New 👁 Seen ✓ Applied 1d ago
Rocket Money
Senior Infrastructure Engineer, Cloud Security
Rocket Money
⚡ Apply early San Francisco, CA, Washington,... · location restricted $150,000–$200,000
● New 👁 Seen ✓ Applied 1d ago
Betterment
Sr. Product Security Engineer
Betterment
⚡ Apply early Betterment HQ - New York City Onsite $175,000–$205,000
● New 👁 Seen ✓ Applied 1d ago
Betterment
Sr. Security Engineer, Corporate Information Security
Betterment
⚡ Apply early Betterment HQ - New York City Onsite $165,000–$185,000
● New 👁 Seen ✓ Applied 1d ago
Anthropic
Senior Software Security Engineer
Anthropic
⚡ Apply early San Francisco, CA | New York C... Onsite $320,000–$405,000
● New 👁 Seen ✓ Applied 4d ago

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free