Group Tech Lead, Security Threat Operations & Response Management

Warsaw·Infrastructure Engineering·engineering
Apply on Asana →

<p>At Asana, security is foundational to our mission of helping humanity thrive by enabling the world&#39;s teams to work together effortlessly. Our security team protects Asana&#39;s employees, users, and customers by proactively addressing threats and fostering a culture of security throughout our product and operations. We are looking for a collaborative, innovative Group Tech Lead for Security Threat Operations and Response Management to join our security organization in Warsaw. This is a senior technical leadership role that sits at the intersection of offensive and defensive security — a true purple team visionary who will design and drive Asana&#39;s threat operations strategy from the ground up. You will set the long-term technical direction for how we detect, emulate, respond to, and continuously improve our defences against real-world adversaries.</p> <p>This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in-office days are&nbsp;Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from&nbsp;home on Fridays depends on the type of work you do, and your recruiter can share more about the in-office<br>requirements.&nbsp;We offer a Contract of Employment (UoP) for our employees in Poland.</p> <p><strong>What you’ll achieve</strong></p> <ul> <li>Purple Team Strategy &amp; Technical Leadership: Define and own the technical strategy for a fully integrated purple team function, bridging offensive (red team) and defensive (blue team) capabilities into a cohesive, intelligence-driven program.</li> <li>Adversary Emulation: Design and implement a structured adversary emulation programme based on real threat intelligence, ensuring red team exercises directly improve blue team detection and response playbooks&nbsp;while establishing continuous feedback loops.</li> <li>Security Maturity &amp; Industry Standards: Lead Asana&#39;s security maturity journey, defining a roadmap that&nbsp;progressively advances capabilities toward frameworks and standards such as NIST CSF, ISO 27001, SOC 2,&nbsp;and MITRE ATT&amp;CK maturity levels.</li> <li>Lifecycle Management: Develop, own, and continuously improve the end-to-end incident response lifecycle, including policies, playbooks, runbooks, and post-incident review processes.</li> <li>Vulnerability Operations: Design and implement a comprehensive vulnerability management program covering discovery, risk-based prioritization, SLA tracking, and remediation validation.</li> <li>Process Design &amp; Operational Excellence: Architect scalable security operations processes that reduce&nbsp;manual toil through automation and orchestration, enabling the team to operate at high velocity without sacrificing quality.</li> <li>Detection Engineering: Build and standardize detection engineering workflows, ensuring threat detections are systematically developed, tested, tuned, and retired in alignment with the current threat landscape.</li> <li>AI-Driven Innovation: Identify, evaluate, and implement AI and machine learning capabilities to enhance the speed, accuracy, and coverage of threat detection, automated alert triage, root cause analysis, and incident summarization.</li> <li>Organizational Leadership &amp; Enablement: Provide technical mentorship to security engineers across red and blue team disciplines, integrate security best practices into cross-functional development pipelines, and deliver advanced training program.</li> </ul> <p><strong>About you</strong></p> <ul> <li>8+ years of progressive experience in security operations, threat detection and response, or offensive security,&nbsp;with at least 3 years in a senior technical leadership or principal engineering role.</li> <li>Deep technical expertise across both red and blue team disciplines, with a proven track record of designing and&nbsp;leading a purple team or integrated threat operations programme at scale.</li> <li>Strong command of SIEM platforms (e.g., Panther, Splunk, Elastic Security) for detection engineering,&nbsp;advanced log correlation, and extensive knowledge of EDR platforms (e.g., CrowdStrike, SentinelOne) for&nbsp;proactive threat hunting.</li> <li>Expert-level familiarity with operationalizing adversary emulation frameworks (such as MITRE ATT&amp;CK) and&nbsp;handling forensic analysis during complex incident investigations in large cloud-native environments.</li> <li>Strong engineering and automation background utilizing scripting languages (e.g., Python, PowerShell) paired&nbsp;with exposure to SOAR platforms.</li> <li>Strategic capability to translate business risk into a technical roadmap aligned to NIST CSF, ISO 27001, or SOC&nbsp;2 standards, combined with strong technical process design skills.</li> <li>Excellent communication and collaborative skills, with a track record of building cross-functional trust and&nbsp;explaining complex threat concepts clearly to engineering, product, legal, and executive teams alike.</li> <li>Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and&nbsp;leverage them to enhance productivity, collaboration, or decision-making.</li> </ul> <p>At Asana, we&#39;re committed to building teams that include a variety of backgrounds, perspectives, and skills, as this is critical to helping us achieve our mission. If you&#39;re interested in this role and don&#39;t meet every listed requirement, we still encourage you to apply.</p> <p><strong>What we’ll offer</strong></p> <ul> <li>Generous, transparent and fair compensation system (base salary and RSUs).</li> <li>Contract of Employment (and the option of 50% tax deductible costs for author’s rights usage in respect of&nbsp;applicable roles).</li> <li>Health insurance with dental and travel coverage (Lux Med).</li> <li>Breakfast and lunch catering on the days that you work from the office.</li> <li>Vacation allowance.</li> <li>Career growth budget.</li> <li>Home office setup budget.</li> <li>Gym/Fitness card.</li> <li>Fertility healthcare and family-forming support with Carrot.</li> <li>Mental Health Support in Modern Health.</li> <li>Group life insurance.</li> <li>MacBooks with all necessary accessories.</li> </ul> <p>For this role, the estimated base salary range is between 35,000 – 52,000 PLN gross per month (subject to all taxes and necessary deductions). The actual base salary will vary based on various factors, including market and&nbsp;individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base salary range for this role may be modified. In addition to base salary, your compensation package&nbsp;may include additional components such as equity and sales incentive pay (for most sales roles), and benefits. If you&#39;re interviewing for this role, speak with your recruiter to learn more about the total compensation and benefits&nbsp;for this role.</p><div class=&quot;content-conclusion&quot;><p><strong>About us</strong></p> <p data-pm-slice=&quot;1 1 []&quot;>Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster. Asana has been named to Fortune&#39;s Best Workplaces for 7+ years and recognized by Fast Company, Forbes, and Gartner for excellence in workplace culture and innovation. We offer an exceptional office-centric culture while adopting the best elements of hybrid models to ensure that every one of our global team members can work together effortlessly. With 13+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world and a culture where everyone feels that they belong.</p> <p data-pm-slice=&quot;1 1 []&quot;><strong><a class=&quot;LinkThemeablePresentation LinkPrimaryPresentation LinkPrimaryPresentation--sentimentSelected PrimaryLink HighlightSol HighlightSol--core HighlightSol--buildingBlock&quot; href=&quot;https://www.gem.com/form?formID=fbcdec8c-3442-43b9-9b45-d2b5f4ea25db&quot; target=&quot;_blank&quot;>Join Asana’s Talent Network</a></strong>&nbsp;to stay up to date on job opportunities and life at Asana.</p></div>

More open roles at Asana