Senior Security Engineer


Mailchimp is a leading marketing platform for small business. We empower millions of customers around the world to build their brands and grow their companies with a suite of marketing automation, multichannel campaign, CRM, and analytics tools.

Mailchimp's Security team monitors, maintains, and improves the security of the Mailchimp platform, its internal services, and its employees. Team members collaborate with teams throughout Mailchimp to ensure our product and people stay secure.

We’re looking for a Senior Engineer to join the Security team. Engineers in this role assist in securing the Mailchimp platform through large-scale improvements to Mailchimp's product security, mentoring fellow engineers to produce better, more secure code, and helping drive process and pattern improvements within Security and Engineering as a whole.

Security Engineers work closely with our in-house Penetration Testers, Security Operations team, and Defensive Security Engineers. Our ideal candidate is a highly-experienced Engineer with an interest in security who has excellent communication and collaboration skills.


What you'll do:

  • Investigate and patch security issues within the Mailchimp web application
  • Identify broad, impactful areas for improving the security of Mailchimp's platform
  • Lead engineers through learning, understanding, and adopting new or improved engineering practices
  • Collaborate with product and feature teams on development and refactoring efforts
  • Identify high-risk patterns and security-related engineering concerns and evaluate, document, and advocate for improvements among peers in Engineering


We'd love to hear from you if:

  • You are proficient in one or more of the following: PHP, Go, Python, Ruby, Java, SQL
  • You have an understanding of common web application stacks and patterns: LAMP, LEMP, MVC
  • You're interested in information security and web application hardening
  • You have strong written and verbal communication skills
  • You can work independently with minimal supervision, while acting as a mentor within your team and a collaborator with adjacent teams
  • You have been a primary driver in large projects and can facilitate discussions with stakeholders and adjacent teams
  • You have experience with knowledge-sharing with team members as well as with audiences outside your functional area of expertise, and understand the value of breaking down knowledge silos and bringing visibility to your team's work
  • You are comfortable with helping to evaluate new technologies, architectural and design patterns, and processes and bring context for those to your team
  • You have a solid foundational knowledge of web application security principles, such as those in the OWASP Top 10


Bonus points for:

  • Experience with the ELK stack, BigQuery, or Splunk
  • Familiarity with web application firewall (WAF) analysis, configuration, or implementation
  • Experience with common front-end frameworks (React, Vue, Angular)
  • Familiarity with Linux- or UNIX-based operating systems


Mailchimp is a founder-owned and highly profitable company headquartered in the heart of Atlanta. Our purpose is to empower the underdog, and our mission is to democratize cutting edge marketing technology for small business. We offer our employees an exceptional workplace, extremely competitive compensation, fully paid benefits (for employees and their families), and generous profit sharing. We hire humble, collaborative, and ambitious people, and give them endless opportunities to grow and succeed.

We love our hometown and support sustainable urban renewal. Our headquarters is in the historic Ponce City Market, right on the Atlanta Beltline. If you'd like to be considered for this position, please apply below. We look forward to meeting you!

Mailchimp is an equal opportunity employer, and we value diversity at our company. We don't discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.