Hiring.Camp

Security Engineer, Red Team

Asana

·

Aug 26, 2025

Workplace
Hybrid, Onsite
Type
Contract, Internship
Department
Engineering
Experience
5+ years

Description

At Asana, security is foundational to our mission of helping humanity thrive by enabling the world’s teams to work together effortlessly. Our security team protects Asana’s employees, users, and customers by proactively addressing threats and fostering a culture of security throughout our product and operations.

We’re looking for a security engineer to join our Security Red Team in Warsaw. You’ll be a foundational member of the security presence in a key engineering hub, partnering directly with IT, infrastructure, and product teams to ensure we design and ship secure software. You will be instrumental in scaling our security practices by performing security reviews and penetration testing assessments of our products and internal applications, eliminating entire classes of vulnerabilities, and championing a security-first mindset.

This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday.

We offer a Contract of Employment (UoP) for our employees in Poland

What you’ll achieve:

  • Conduct security architecture reviews, threat modeling, and penetration testing for new features and services across our product and internal applications.
  • Test software for application security vulnerabilities through various assessment methodologies, including penetration testing.
  • Triage, investigate, and drive remediation of vulnerabilities from our bug bounty program, internal penetration tests, and automated security tooling.
  • Influence engineering initiatives by conducting design and roadmap reviews, effectively communicating security constraints, and assisting teams in making informed trade-offs.
  • Investigate product security incidents as an incident subject matter expert, using logs and monitoring tools.
  • Develop and deliver training to educate engineers on secure coding best practices and emerging threats.
  • Stay informed of industry trends, emerging threats, and best practices to ensure that Asana’s security posture remains robust.
  • Collaborate with teammates and stakeholders to develop both short-term and long-term strategies for risk management.
  • Join a collaborative Security team composed of specialists in product, application, software engineering, infrastructure and detection and response, all working together to help engineering teams design and ship secure software.

About you:

  • 5+ years of experience in application security, product security, penetration assessments, or software engineering with a security focus, with significant experience in security reviews and penetration testing.
  • Strong software engineering background with experience in languages like Python, Javascript/Typescript or Scala
  • Deep working knowledge of the OWASP Top 10 and common web application vulnerabilities such as XSS, CSRF, SSRF, and SQL injection
  • Experience with security tools for static/dynamic analysis (SAST/DAST), software composition analysis (SCA), and vulnerability management.
  • Proven experience performing security design reviews and threat modeling for complex applications, as well as conducting comprehensive penetration tests.
  • Excelling communication skills for collaborating effectively with both technical and non-technical partners.
  • A pragmatic and collaborative mindset, with a passion for building defenses against real-world attacks and enabling other engineers to do their best, most secure work.

What we offer:

  • Generous, transparent and fair compensation system (base salary and generous Restricted Stock Unit for Asana Inc.) 
  • Contract of Employment (with 50% tax deductible costs for author’s rights usage for Engineers) 
  • Health insurance with dental and travel coverage (Lux Med) 
  • Lunch catering on the days that you work from the office
  • Career growth budget 
  • Home office setup budget 
  • Gym/Fitness reimbursement
  • Fertility healthcare and family-forming support with Carrot
  • Mental health support in Modern Health
  • Group life insurance
  • MacBooks with all necessary accessories

For this role, the estimated base salary range is between 25,604  - 35,854 PLN gross monthly on the contract of employment (UoP). The actual base salary will vary based on various factors and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base compensation range for this role may be modified.

Our total compensation consists of base salary and equity (RSUs). 

#appsec #securityengineer #LI-Hybrid

About us

Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster. Asana has been named to Fortune's Best Workplaces for 7+ years and recognized by Fast Company, Forbes, and Gartner for excellence in workplace culture and innovation. We offer an exceptional office-centric culture while adopting the best elements of hybrid models to ensure that every one of our global team members can work together effortlessly. With 13+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world and a culture where everyone feels that they belong.

Join Asana’s Talent Network to stay up to date on job opportunities and life at Asana.

Skills

PythonJavaScriptTypeScriptScalaSQLPenetration TestingRisk Management

Similar Jobs

30

Lead Security Engineer - Red Team

JPMorgan Chase · Plano, TX, United States, US

1 week ago

Lead Security Engineer - Red Team

JP Morgan Chase · Plano, TX, United States, US

1 week ago

Cyber Security Engineer (Red Team)

Scires · Patuxent River, MD, US · Onsite

2 weeks ago

Senior Offensive Security Engineer (Red Team)

Salesforce · California - Remote, United States of America +3 · Onsite

2 weeks ago

Lead Security Engineer, Red Team & Threat Intel

Grab · Petaling Jaya, Malaysia

1 month ago

Lead Security Engineer, Red Team & Threat Intel

Grab · Jakarta, Indonesia

1 month ago

Informācijas Sistēmu Drošības Inženieris (Red Team)/Information System Security Engineer (Red Team)

Evolution Gaming Group · Riga, Latvia

1 month ago

Senior Offensive Security Engineer (Red Team)

Keybank · 4910 Tiedeman Road, Brooklyn, OH, United States of America +1 · Remote

1 month ago

Offensive Security Engineer (Red Team)

PlexTrac

2 months ago

Senior Security Engineer - Red Team (Remote)

Insider One · Istanbul, Turkiye · Remote

3 months ago

Senior Security Engineer, Red Team

Doordash USA · United States - Remote · Remote

4 months ago

Red Team Security Engineer (Red Team Operator)

Millennium Corporation · Huntsville, AL, US

4 months ago

Staff Security Engineer – Red Team (AI)

Geico · WA Seattle - JPS, United States of America +3

4 months ago

Senior / Staff Security Engineer, Red Team

Radar · New York · Onsite

4 months ago

Senior Security Engineer (Red Team Specialist)

Flip · Onsite

5 months ago

AI Red Team Security Engineer

Ethoslife · Remote US · Remote

1 month ago

Security Engineer II - Red Team (BAS)

Ibkr · Mumbai, India

1 month ago

Red Team Security Engineer III

Millennium Corporation · Colorado Springs, CO, US

1 month ago

Red Team Security Engineer

Sabio Group · Cape Town

2 months ago

Red Team Security Engineer III

Millennium Corporation · Colorado Springs, CO, US

2 months ago

Red Team Security Engineer

Millennium Corporation · Colorado Springs, CO, US

2 months ago

Red Team Security Engineer

Astranis · San Francisco +1

3 months ago

System Engineer, Information Security (Red Team)

Octopus · Hong Kong, HK

4 months ago

Red Team Security Engineer I

Millennium Corporation · Huntsville, AL, US

4 months ago

Red Team Security Engineer II

Millennium Corporation · Huntsville, AL, US

4 months ago

Red Team Security Engineer III

Millennium Corporation · Huntsville, AL, US · Remote

4 months ago

Red Team Security Engineer IV

Millennium Corporation · Huntsville, AL, US · Remote

4 months ago

Security Software Engineer - Red Team Pen Tester

Data Intelligence LLC · Dahlgren, VA · Remote, Hybrid, Onsite

6 months ago

Red Team Engineer/ Offensive Security Lead

Authentic8 · Remote - United States · Remote

1 week ago

Red Team Lead Security Engineer

JP Morgan Chase · Plano, TX, United States, US

1 month ago