Principal Security Governance Engineer

Job Summary:
The Principal Security Governance Engineer will lead the development and implementation of security governance, risk, and compliance strategies for the Atlassian Security Organization as a senior member of the Security Governance team. This role will assume the HIPAA Security Officer role and lead the Human Risk Management function focusing on security awareness and training programs. The ideal candidate will have extensive experience in cybersecurity governance, risk management and compliance frameworks within fast-moving, highly collaborative product engineering companies, with a strong ability to drive strategic initiatives across the organization.

Why Join Us:
This is an exciting opportunity to lead and shape the security governance landscape at Atlassian. You will work on cutting-edge security initiatives, collaborate with diverse teams, and contribute to the protection of our organization's assets and reputation.

• Security Governance and Risk Management:
  
  
  • Design and implement comprehensive security governance frameworks and risk management strategies using Atlassian products, tools and systems.
  • Evaluate and report on the effectiveness of security controls and compliance with relevant laws and regulations, including HIPAA.
  • Collaborate with cross-functional teams to integrate security practices into all aspects of the organization.
• HIPAA Security Officer:
  
  
  • Assume the HIPAA Security Officer role to ensure compliance with HIPAA security requirements.
  • Develop and maintain policies and procedures to protect sensitive health information in Atlassian products and services.
  • Conduct security audits and assessments to ensure ongoing compliance and address any gaps.
• Human Risk Management:
  
  
  • Develop and implement security awareness and training programs to mitigate human risk factors.
  • Conduct regular training sessions and workshops to educate employees on security best practices.
  • Monitor, evaluate and improve HRM programs such as phishing simulations, mandatory training, threat intelligence liaison and audit support.
• Leadership and Collaboration:
  
  
  • Provide leadership and guidance to the Security Governance team, fostering a culture of security awareness and continuous improvement.
  • Engage with stakeholders across the organization to promote security initiatives and ensure alignment with business objectives.
  • Stay informed on the latest developments in cybersecurity and risk management to ensure the organization remains at the forefront of security practices.

• 10+ years of experience in security governance, risk management, and compliance, preferably in a large-scale SaaS/Product environment.
• Strong knowledge of cybersecurity principles, technology-related regulations, and IT governance frameworks.
• Experience in leading security awareness and training programs.
• Excellent communication, documentation, presentation and leadership skills, with the ability to influence and engage stakeholders at all levels.

• CRISC, CISSP, CISA, or equivalent certifications are preferred.