Key skills
AWSLeadership
About this role
GoDaddy is empowering everyday entrepreneurs around the world by providing the help and tools to succeed online. They are seeking a Principal Security Engineer to lead the Governance, Risk, and Compliance team in identifying, assessing, and addressing security risks across the business, while also building a robust audit and controls program.
Responsibilities:
- Build and manage a unified security controls framework that supports regulatory and industry compliance requirements
- Perform targeted gap assessments across business units, with an initial focus on hosting environments and audit readiness
- Partner with engineering, product, legal, and other security teams to identify control gaps, evaluate compensating controls, and reduce risk
- Support internal and external audits across frameworks such as PCI DSS, SOC 2, ISO 27001, and other applicable regulations
- Develop reporting and present security risks, audit status, and remediation priorities to senior leadership, including the Chief Information Security Officer
- Drive scalable risk-based processes for exception management, risk acceptance workflows, and broader governance initiatives
Requirements:
- 10+ years of professional experience in information security, information technology, information technology audit, or related fields
- 6+ years of professional experience managing information security programs, audits, or formal assessment activities
- Experience building unified security controls frameworks across multiple compliance and regulatory standards
- Experience managing or performing audits using frameworks such as PCI DSS, NIST Cybersecurity Framework, NIST SP 800-53, ISO 27001, and SOC 2
- Experience assessing cloud environments such as AWS and applying core security engineering concepts such as threat modeling, architecture reviews, access management, and encryption
- Experience presenting audit results, risk posture, and remediation priorities to executive stakeholders
- Certifications like PCI ISA, CISA, CRISC, ISO Lead Assessor, CISSP, etc
- Experience working at a Big 4 Audit firm(s)