Corporate Security Engineer

About The Position

Requirements

• 6+ years in IT systems engineering with emphasis on automation, and hands-on experience in identity access management, and security best practices
• Deep hands-on expertise with Enterprise IdP (SSO, MFA, lifecycle management, groups, API automation)
• Strong experience securing Google Workspace at an admin level
• Experience with MDM solutions and endpoint hardening
• Solid understanding of OAuth, SAML, OIDC, and modern identity and access patterns
• Experience governing SaaS applications at scale: inventory, risk assessment, integration audits
• Scripting or automation skills (Golang, Python, Bash, Terraform, or similar) for API integration work
• Ability to write and own technical design documents and risk assessments
• Strong cross-functional communication — able to work effectively with GRC, IT, legal, and non-technical stakeholders
• Experience with compliance frameworks such as SOC2 or ISO 27xxx

Nice To Haves

• Experience with Zero-Trust Network Access solutions (ZTNA) and Endpoint Detection and Response (EDR) tooling
• Familiarity with canary/deception-based detection techniques
• Experience implementing Just-in-Time (JIT) access patterns and identity-as-code practices
• Experience with implementing and rolling out Data Leak Prevention (DLP) solutions

Responsibilities

• Own and continuously improve Docker's Identity and Access Management infrastructure, including SSO, MFA enforcement, lifecycle management, and access governance
• Discover, map inventory and conduct security reviews on third-party integrations and drive security improvements across our SaaS application ecosystem
• Secure and harden our core collaboration as well as documentation platforms, including email, document sharing, and communication tools
• Define and enforce device compliance policies across our corporate device fleet; own the end-to-end compliant device experience
• Mature a Zero Trust security model across corporate infrastructure, enforcing conditional access based on identity
• Establish and maintain an approved application governance program across desktop, browser, developer tooling, and third-party AI services, with appropriate monitoring and risk-based controls
• Contribute to the team's incident response capability, bringing corporate IT and identity expertise to investigations and remediation efforts
• Design and deploy canaries across our endpoint fleet, for increased visibility and early-warning capabilities
• Participate in the Security team on-call rotation by managing detection and response to security events
• Own and continuously improve employee lifecycle security processes, ensuring robust controls at both onboarding and offboarding
• Maintain IT security evidence and documentation supporting compliance with SOC2 and ISO ISO 27xxx

Benefits

• Freedom & flexibility; fit your work around your life
• Designated quarterly Whaleness Days plus end of year Whaleness break
• Home office setup; we want you comfortable while you work
• 16 weeks of paid Parental leave
• Technology stipend equivalent to $100 net/month
• PTO plan that encourages you to take time to do the things you enjoy
• Training stipend for conferences, courses and classes
• Equity; we are a growing start-up and want all employees to have a share in the success of the company
• Docker Swag
• Medical benefits, retirement and holidays vary by country
• Remote-first culture, with offices in Seattle and Paris