# Apply for a career with Asana

> Apply for the Security Architecture Engineer, STORM in Warsaw at Asana! Click to learn more about life at Asana!

Careers

All open positions

Offices

Chicago

Dublin

Japan

London

Munich

New York City

Paris

Reykjavik

San Francisco (HQ)

Sydney

Singapore

Vancouver, BC

Warsaw

Teams

Business & Marketing

Engineering & Data

General & Administrative

Product & Design

Interns & Early career

Culture & Belonging

All open positions

#### Sneak a peek behind the scenes

#### Stance gets socks to market 14 times faster with Asana

#### Get company news, success stories, and more

#### Check in with us all over the world

#### Now streaming: How to Asana

#### Check out what inspires our work

#### Hear from our employees

We’re growing fast to achieve a big [mission](https://blog.asana.com/2020/09/mission) that drives us every day. Passionate and curious people like you will help us achieve it. A supportive team, award-winning culture, and unique growth opportunities will empower you to do your best and most impactful work at Asana.

Asana is a leading work management platform for human + AI collaboration. Over 170,000 customers like Accenture, Amazon, Anthropic, and Suzuki rely on Asana to align teams and accelerate organizational impact. Whether it’s managing strategic initiatives, cross-functional programs, or company-wide goals, Asana helps organizations bring clarity to complexity—turning plans into action with AI working alongside teams every step of the way. We believe investing in our culture and our employees is what fuels our individual and collective growth, allowing us to achieve our mission. Asana is an equal opportunity employer, and building a diverse, equitable, and inclusive company is core to our mission. Join us to make a big impact—on our mission, our customers’ missions, and your career.

Can’t find the right role at Asana today? [Join Asana’s Talent Network](https://www.gem.com/form?formID=fbcdec8c-3442-43b9-9b45-d2b5f4ea25db) to stay up to date on job openings.

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/7b98ac66e485a481/original/Asana-Global-Candidate-Privacy-Notice-December-18-2023-English-docx.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/2920026633def32/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_FR-FR.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/d5680442317933/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_DE-DE.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/1563f7199fad9c3f/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_ES-LA.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/234149810b33f799/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_PT-BR.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/1061f391b887e4aa/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_JA-JP.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/27af8714dbaace3c/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_ZH-CN.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/5a836fe4eb6cf4f1/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_NL-NL.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/4c59f76e42223694/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_PL-PL.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/1d0ce1e057fadc86/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_RU-RU.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/33254628afec3df7/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_KO-KR.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/1c6881d2387a57af/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_SV-SE.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/745cd0d2d0e8485c/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_IT-IT.pdf).

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/7deecd415c76c95a/original/Asana-Global-Candidate-Privacy-Notice_-December-18-2023-_ID-ID.pdf).

Make an impact at Asana

Apply for a career with Asana

Warsaw

Cost Center

Careers Page: Heading

Careers Page: Team

Careers Page: Location

### Security Architecture Engineer, STORM

STORM (Security Threat Operations & Response Management) is Asana's security operations organization, made up of red and blue team specialists focused on protecting Asana's employees, users, and customers. We proactively address threats, embed security across the product lifecycle, and partner closely with Asana's broader R&D and engineering teams to make security-by-design the norm. We are looking for a collaborative, analytical Security Architecture Engineer to join our team in Warsaw to solve complex design challenges and scale our architectural security defenses.

This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work you do and the teams with which you partner. If you're interviewing for this role, your recruiter will share more about the in-office requirements.

We offer a Contract of Employment (UoP) for our employees in Poland.

### What you’ll achieve
- **Security Design Review & Threat Modelling:** Lead architecture reviews and structured threat modelling (such as STRIDE, OWASP Threat Dragon, and MITRE ATT&CK) for new and in-flight projects to identify risk early and produce actionable guidance before code is written.
- **Code & Data Flow Analysis:** Conduct security-focused code reviews and analyze data flows across services, APIs, and integrations to identify trust boundaries and attack surface reduction opportunities.
- **Defensive Engineering Recommendations:** Translate threat model findings into concrete engineering recommendations and feed architectural weaknesses to STORM’s red team for proactive adversary emulation planning.
- **Architecture Standards & Frameworks:** Build and mature Asana’s security architecture review process and define standards aligned to industry best practices like NIST 800-53, FedRAMP, ISO 27001, and OWASP ASVS.
- **Security Pattern Library:** Develop and maintain a reusable security pattern library for authentication, authorization, encryption, API security, and data handling that engineering teams can adopt directly.
- **AI Security Architecture:** Evaluate AI tooling and integrations using industry standards (such as OWASP Maestro and OWASP Top 10 for LLMs), assessing risks including prompt injection, model misuse, data leakage, and supply chain exposure.
- **AI Governance:** Develop governance practices for AI-augmented development workflows and stay current with the evolving AI security landscape.
- **Security Artifact Advocacy:** Champion security-by-design by driving organizational adoption of architecture diagrams, data flow diagrams, and threat models as first-class engineering artefacts.
- **Training & Culture:** Deliver highly technical training and workshops to engineering and product teams, making the secure choice the path of least resistance across the organization.

### About you
- 7+ years of progressive experience in security roles, with a focus on security architecture, application security, or high-scale design reviews.
- Hands-on proficiency with threat modelling methodologies (STRIDE/PASTA, OWASP Threat Dragon) and the MITRE ATT&CK framework at the TTP level.
- Competency conducting security-focused code reviews across modern languages, including Python, Go, Java, or TypeScript.
- Deep functional knowledge of compliance frameworks and baselines, including NIST 800-53, FedRAMP, ISO 27001, OWASP ASVS, and the AWS Well-Architected Security pillar.
- Strong understanding of authentication/authorisation mechanisms (OAuth 2.0, OIDC, SAML, SSO) and container infrastructure security (Kubernetes RBAC, pod security, network policies, and secrets management).
- Familiarity with emerging AI security standards, specifically the OWASP Top 10 for LLMs, OWASP Maestro, or securing multi-tenant SaaS platforms.
- Demonstrated track record of translating complex architectural risks into clear, pragmatic guidance for engineers and senior stakeholders.
- Proven ability to build security review processes from low maturity and shift engineering culture through influence and collaboration.
- Strong technical writing skills with experience producing architectural diagrams, threat models, and clean documentation that teams reference daily.
- Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.

At Asana, we're committed to building teams that include a variety of backgrounds, perspectives, and skills, as this is critical to helping us achieve our mission. If you're interested in this role and don't meet every listed requirement, we still encourage you to apply.

### What we’ll offer
- Generous, transparent and fair compensation system (base salary and RSUs).
- Contract of Employment (and the option of 50% tax deductible costs for author’s rights usage in respect of applicable roles).
- Health insurance with dental and travel coverage (Lux Med).
- Breakfast and lunch catering on the days that you work from the office.
- Vacation allowance.
- Career growth budget.
- Home office setup budget.
- Gym/Fitness card.
- Fertility healthcare and family-forming support with Carrot.
- Mental Health Support in Modern Health.
- Group life insurance.
- MacBooks with all necessary accessories.

For this role, the estimated base salary range is between 31,900 - 36,000 PLN PLN gross per month (subject to all taxes and necessary deductions) The actual base salary will vary based on various factors, including market and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base salary range for this role may be modified. In addition to base salary, your compensation package may include additional components such as equity and benefits. If you're interviewing for this role, speak with your recruiter to learn more about the total compensation and benefits for this role.

#LI-Hybrid

**About us**

Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster. Asana has been named to Fortune's Best Workplaces for 7+ years and recognized by Fast Company, Forbes, and Gartner for excellence in workplace culture and innovation. We offer an exceptional office-centric culture while adopting the best elements of hybrid models to ensure that every one of our global team members can work together effortlessly. With 13+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world and a culture where everyone feels that they belong.

**[Join Asana’s Talent Network](https://www.gem.com/form?formID=fbcdec8c-3442-43b9-9b45-d2b5f4ea25db)** to stay up to date on job opportunities and life at Asana.

Product Engineering

Warsaw

#### Why Asana?

Asana is a leading work management platform for human + AI collaboration. Over 170,000 customers like Accenture, Amazon, Anthropic, and Suzuki rely on Asana to align teams and accelerate organizational impact. Whether it’s managing strategic initiatives, cross-functional programs, or company-wide goals, Asana helps organizations bring clarity to complexity—turning plans into action with AI working alongside teams every step of the way. We believe investing in our culture and our employees is what fuels our individual and collective growth, allowing us to achieve our mission. Asana is an equal opportunity employer, and building a diverse, equitable, and inclusive company is core to our mission. Join us to make a big impact—on our mission, our customers’ missions, and your career.

Can’t find the right role at Asana today? [Join Asana’s Talent Network](https://www.gem.com/form?formID=fbcdec8c-3442-43b9-9b45-d2b5f4ea25db) to stay up to date on job openings.

By clicking "Submit Application," you acknowledge and agree to [Asana's Global Job Applicant Privacy Notice](https://assets.asana.biz/m/7b98ac66e485a481/original/Asana-Global-Candidate-Privacy-Notice-December-18-2023-English-docx.pdf).

#### Careers

#### Offices

- [Chicago](/jobs/chicago)

- [Dublin](/jobs/dublin)

- [Japan](/jobs/tokyo)

- [London](/jobs/london)

- [Munich](/jobs/munich)

- [New York City](/jobs/new-york)

- [Paris](/jobs/paris)

- [Reykjavik](/jobs/reykjavik)

- [San Francisco (HQ)](/jobs/san-francisco)

- [Sydney](/jobs/sydney)

- [Singapore](/jobs/singapore)

- [Vancouver, BC](/jobs/vancouver)

- [Warsaw](/jobs/warsaw)

#### Teams

- [Business & Marketing](/jobs/business)

- [Engineering & Data](/jobs/engineering)

- [General & Administrative](/jobs/internal)

- [Product & Design Teams](/jobs/product)

- [Emerging Talent Programs](/jobs/university-recruiting)

- [Culture & Belonging](/culture-and-belonging)

- [All open positions](/jobs/all)

### Security Architecture Engineer, STORM

STORM (Security Threat Operations & Response Management) is Asana's security operations organization, made up of red and blue team specialists focused on protecting Asana's employees, users, and customers. We proactively address threats, embed security across the product lifecycle, and partner closely with Asana's broader R&D and engineering teams to make security-by-design the norm. We are looking for a collaborative, analytical Security Architecture Engineer to join our team in Warsaw to solve complex design challenges and scale our architectural security defenses.

 This role is based in our Warsaw office with an office-centric hybrid schedule. The standard in-office days are Monday, Tuesday, and Thursday. Most Asanas have the option to work from home on Wednesdays. Working from home on Fridays depends on the type of work you do and the teams with which you partner. If you're interviewing for this role, your recruiter will share more about the in-office requirements.

 We offer a Contract of Employment (UoP) for our employees in Poland.

### What you’ll achieve
- **Security Design Review & Threat Modelling:** Lead architecture reviews and structured threat modelling (such as STRIDE, OWASP Threat Dragon, and MITRE ATT&CK) for new and in-flight projects to identify risk early and produce actionable guidance before code is written.
- **Code & Data Flow Analysis:** Conduct security-focused code reviews and analyze data flows across services, APIs, and integrations to identify trust boundaries and attack surface reduction opportunities.
- **Defensive Engineering Recommendations:** Translate threat model findings into concrete engineering recommendations and feed architectural weaknesses to STORM’s red team for proactive adversary emulation planning.
- **Architecture Standards & Frameworks:** Build and mature Asana’s security architecture review process and define standards aligned to industry best practices like NIST 800-53, FedRAMP, ISO 27001, and OWASP ASVS.
- **Security Pattern Library:** Develop and maintain a reusable security pattern library for authentication, authorization, encryption, API security, and data handling that engineering teams can adopt directly.
- **AI Security Architecture:** Evaluate AI tooling and integrations using industry standards (such as OWASP Maestro and OWASP Top 10 for LLMs), assessing risks including prompt injection, model misuse, data leakage, and supply chain exposure.
- **AI Governance:** Develop governance practices for AI-augmented development workflows and stay current with the evolving AI security landscape.
- **Security Artifact Advocacy:** Champion security-by-design by driving organizational adoption of architecture diagrams, data flow diagrams, and threat models as first-class engineering artefacts.
- **Training & Culture:** Deliver highly technical training and workshops to engineering and product teams, making the secure choice the path of least resistance across the organization.

### About you
- 7+ years of progressive experience in security roles, with a focus on security architecture, application security, or high-scale design reviews.
- Hands-on proficiency with threat modelling methodologies (STRIDE/PASTA, OWASP Threat Dragon) and the MITRE ATT&CK framework at the TTP level.
- Competency conducting security-focused code reviews across modern languages, including Python, Go, Java, or TypeScript.
- Deep functional knowledge of compliance frameworks and baselines, including NIST 800-53, FedRAMP, ISO 27001, OWASP ASVS, and the AWS Well-Architected Security pillar.
- Strong understanding of authentication/authorisation mechanisms (OAuth 2.0, OIDC, SAML, SSO) and container infrastructure security (Kubernetes RBAC, pod security, network policies, and secrets management).
- Familiarity with emerging AI security standards, specifically the OWASP Top 10 for LLMs, OWASP Maestro, or securing multi-tenant SaaS platforms.
- Demonstrated track record of translating complex architectural risks into clear, pragmatic guidance for engineers and senior stakeholders.
- Proven ability to build security review processes from low maturity and shift engineering culture through influence and collaboration.
- Strong technical writing skills with experience producing architectural diagrams, threat models, and clean documentation that teams reference daily.
- Demonstrates curiosity about AI tools and emerging technologies, with a willingness to learn and leverage them to enhance productivity, collaboration, or decision-making.

 At Asana, we're committed to building teams that include a variety of backgrounds, perspectives, and skills, as this is critical to helping us achieve our mission. If you're interested in this role and don't meet every listed requirement, we still encourage you to apply.

### What we’ll offer
- Generous, transparent and fair compensation system (base salary and RSUs).
- Contract of Employment (and the option of 50% tax deductible costs for author’s rights usage in respect of applicable roles).
- Health insurance with dental and travel coverage (Lux Med).
- Breakfast and lunch catering on the days that you work from the office.
- Vacation allowance.
- Career growth budget.
- Home office setup budget.
- Gym/Fitness card.
- Fertility healthcare and family-forming support with Carrot.
- Mental Health Support in Modern Health.
- Group life insurance.
- MacBooks with all necessary accessories.

 For this role, the estimated base salary range is between 31,900 - 36,000 PLN PLN gross per month (subject to all taxes and necessary deductions) The actual base salary will vary based on various factors, including market and individual qualifications objectively assessed during the interview process. The listed range above is a guideline, and the base salary range for this role may be modified. In addition to base salary, your compensation package may include additional components such as equity and benefits. If you're interviewing for this role, speak with your recruiter to learn more about the total compensation and benefits for this role.

 #LI-Hybrid

**About us**

 Asana is a leading platform for human + AI collaboration. Millions of teams around the world rely on Asana to achieve their most important goals, faster. Asana has been named to Fortune's Best Workplaces for 7+ years and recognized by Fast Company, Forbes, and Gartner for excellence in workplace culture and innovation. We offer an exceptional office-centric culture while adopting the best elements of hybrid models to ensure that every one of our global team members can work together effortlessly. With 13+ offices all over the world, we are always looking for individuals who care about building technology that drives positive change in the world and a culture where everyone feels that they belong.

 **[Join Asana’s Talent Network](https://www.gem.com/form?formID=fbcdec8c-3442-43b9-9b45-d2b5f4ea25db)** to stay up to date on job opportunities and life at Asana.

Asana

Asana