Senior Security Engineer

Mattermost is the leading collaborative workflow platform for defense, intelligence, security, and critical infrastructure. Trusted by the U.S. Department of War and Fortune 500s, our platform runs on-premises and in private clouds, delivering secure messaging, file sharing, workflow automation, audio/screenshare, and project management—all with full data and operational control. Mattermost powers high-stakes workflows across mission planning, real-time, real-world operations, DevSecOps, incident response, and cyber defense—enabling secure collaboration from tactical edge and DDIL environments to enterprise HQ. Teams operate across web, desktop, and mobile, with embedded interoperability for Microsoft Teams, Outlook, and Microsoft 365.

To learn more, visit www.mattermost.com

Mattermost is the secure collaboration platform trusted by Global organizations. Our platform runs on-premises, cloud, and in air-gapped environments, enabling mission-critical workflows from the tactical edge to the enterprise HQ, where data sovereignty and operational security are non-negotiable.

We are hiring a Senior Security Engineer to protect the people, infrastructure, and tooling that goes into building and hosting Mattermost. This is a hands-on, high-impact role at the intersection of enterprise security engineering, cloud information security, and AI-enabled threat response.

Why Join Mattermost

•   Fully remote, globally distributed team | no commute, genuine flexibility
•   Be a key voice in shaping and delivering security strategy
•   Competitive salary, equity, and benefits with meaningful work attached

The Role

As a Senior Security Engineer, you will lead the design and implementation of security tooling, harden our cloud and IT infrastructure, and serve as a key responder to incidents. You will work across a globally distributed team and partner closely with Engineering to manage AI-enabled risk.

Key Responsibilities

• Lead security and IT projects to enhance the security posture of infrastructure and the company
• Detect, investigate, and remediate security incidents using SIEM, EDR, and SOAR tooling (e.g. CrowdStrike, SentinelOne)
• Conduct threat hunting across cloud and endpoint environments using a Zero Trust framework
• Administer company-wide IAM and security monitoring infrastructure
• Contribute to security policies, incident response, forensics, and endpoint management programmes
• Partner with Engineering to assess and mitigate risks from AI-enabled tools and workflows
• Explore and implement AI/automation in detection, analysis, and response pipelines
• Engage closely with North American and international staff across time zones

Required Background & Skills

•   Bachelor’s degree in Computer Science or a related field, or significant professional security experience
•   3+ years of hands-on experience in security engineering and incident response
•   Experience with SIEM platforms and security monitoring systems
•   Experience with EDR tools such as CrowdStrike or SentinelOne
•   Knowledge of SOAR platforms and automation of security workflows
•   Familiarity with Zero Trust architecture principles and threat hunting methodologies
•   Experience with cloud security controls across AWS, GCP, and/or Azure
•   Strong knowledge of Linux systems and Kubernetes/Docker environments
•   Experience with IAM solutions and infrastructure automation
•   Practical experience evaluating security implications of AI systems and AI-assisted workflows
•   Experience managing security of Microsoft 365 and Google Workspace tenants
•   Excellent written and verbal communication skills

Preferred Background & Skills

• Experience with certification processes: SOC2, ISO 27001, FedRAMP, or Cyber Essentials Plus 
• Certifications: OSCP, GCIH, GCFA, or equivalent penetration testing / incident response credentials
• Experience in Go or Python
• Background in open-source communities
• Endpoint security management experience in a fully remote organisation

Export Control & Eligibility

This role may involve access to information subject to U.S. export control regulations (EAR/ITAR). Applicants should be aware that eligibility requirements may apply. We encourage candidates with questions about this to reach out. Many UK-based security professionals with defence backgrounds will qualify. We are happy to discuss your specific situation.

Mattermost takes a market-based approach to pay and pay may vary depending on your location. The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.

 

Posting Range£76,123—£100,992 GBPMattermost is an EEO Employer, we are a remote-first, open-source company.   We are continually working to expand our hiring in more countries and regions, ensuring compliance with local laws and regulations, which takes time.   Mattermost values your unique perspective—we welcome all applicants. We encourage individuals from all backgrounds to apply and are committed to assessing candidates based on their skills and qualifications. We do not tolerate discrimination against staff or applicants based on race, religion, national origin, age, disability, pregnancy status, veteran status, or other personal characteristics.   If you require accommodations during the interview process, please let us know—we’re happy to assist.