Group Tech Lead, Security Threat Operations & Response Management

At Asana, security is foundational to our mission of helping humanity thrive by enabling the world's teams to work together effortlessly. Our security team protects Asana's employees, users, and customers by proactively addressing threats and fostering a culture of security throughout our product and operations. We are looking for a collaborative, innovative Group Tech Lead for Security Threat Operations and Response Management to join our security organization in Warsaw. This is a senior technical leadership role that sits at the intersection of offensive and defensive security — a true purple team visionary who will design and drive Asana's threat operations strategy from the ground up. You will set the long-term technical direction for how we detect, emulate, respond to, and continuously improve our defences against real-world adversaries.

This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work you do, and your recruiter can share more about the in-office
requirements. We offer a Contract of Employment (UoP) for our employees in Poland.

• Purple Team Strategy & Technical Leadership: Define and own the technical strategy for a fully integrated purple team function, bridging offensive (red team) and defensive (blue team) capabilities into a cohesive, intelligence-driven program.
• Adversary Emulation: Design and implement a structured adversary emulation programme based on real threat intelligence, ensuring red team exercises directly improve blue team detection and response playbooks while establishing continuous feedback loops.
• Security Maturity & Industry Standards: Lead Asana's security maturity journey, defining a roadmap that progressively advances capabilities toward frameworks and standards such as NIST CSF, ISO 27001, SOC 2, and MITRE ATT&CK maturity levels.
• Lifecycle Management: Develop, own, and continuously improve the end-to-end incident response lifecycle, including policies, playbooks, runbooks, and post-incident review processes.
• Vulnerability Operations: Design and implement a comprehensive vulnerability management program covering discovery, risk-based prioritization, SLA tracking, and remediation validation.
• Process Design & Operational Excellence: Architect scalable security operations processes that reduce manual toil through automation and orchestration, enabling the team to operate at high velocity without sacrificing quality.
• Detection Engineering: Build and standardize detection engineering workflows, ensuring threat detections are systematically developed, tested, tuned, and retired in alignment with the current threat landscape.
• AI-Driven Innovation: Identify, evaluate, and implement AI and machine learning capabilities to enhance the speed, accuracy, and coverage of threat detection, automated alert triage, root cause analysis, and incident summarization.
• Organizational Leadership & Enablement: Provide technical mentorship to security engineers across red and blue team disciplines, integrate security best practices into cross-functional development pipelines, and deliver advanced training program.

• 8+ years of progressive experience in security operations, threat detection and response, or offensive security, with at least 3 years in a senior technical leadership or principal engineering role.
• Deep technical expertise across both red and blue team disciplines, with a proven track record of designing and leading a purple team or integrated threat operations programme at scale.
• Strong command of SIEM platforms (e.g., Panther, Splunk, Elastic Security) for detection engineering, advanced log correlation, and extensive knowledge of EDR platforms (e.g., CrowdStrike, SentinelOne) for proactive threat hunting.
• Expert-level familiarity with operationalizing adversary emulation frameworks (such as MITRE ATT&CK) and handling forensic analysis during complex incident investigations in large cloud-native environments.
• Strong engineering and automation background utilizing scripting languages (e.g., Python, PowerShell) paired with exposure to SOAR platforms.
• Strategic capability to translate business risk into a technical roadmap aligned to NIST CSF, ISO 27001, or SOC 2 standards, combined with strong technical process design skills.
• Excellent communication and collaborative skills, with a track record of building cross-functional trust and explaining complex threat concepts clearly to engineering, product, legal, and executive teams alike.
• Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.

At Asana, we're committed to building teams that include a variety of backgrounds, perspectives, and skills, as this is critical to helping us achieve our mission. If you're interested in this role and don't meet every listed requirement, we still encourage you to apply.

• Generous, transparent and fair compensation system (base salary and RSUs).
• Contract of Employment (and the option of 50% tax deductible costs for author’s rights usage in respect of applicable roles).
• Health insurance with dental and travel coverage (Lux Med).
• Breakfast and lunch catering on the days that you work from the office.
• Vacation allowance.
• Career growth budget.
• Home office setup budget.
• Gym/Fitness card.
• Fertility healthcare and family-forming support with Carrot.
• Mental Health Support in Modern Health.
• Group life insurance.
• MacBooks with all necessary accessories.

For this role, the estimated base salary range is between 35,000 – 52,000 PLN gross per month (subject to all taxes and necessary deductions). The actual base salary will vary based on various factors, including market and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base salary range for this role may be modified. In addition to base salary, your compensation package may include additional components such as equity and sales incentive pay (for most sales roles), and benefits. If you're interviewing for this role, speak with your recruiter to learn more about the total compensation and benefits for this role.

Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster. Asana has been named to Fortune's Best Workplaces for 7+ years and recognized by Fast Company, Forbes, and Gartner for excellence in workplace culture and innovation. We offer an exceptional office-centric culture while adopting the best elements of hybrid models to ensure that every one of our global team members can work together effortlessly. With 13+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world and a culture where everyone feels that they belong.

Join Asana’s Talent Network to stay up to date on job opportunities and life at Asana.