Security Engineer, Enterprise Security

TuroSan Francisco, CA
1d$120,000 - $150,000Hybrid

About The Position

Turo is searching for a highly motivated and versatile Security Engineer to spearhead our efforts in securing enterprise systems and data through the design, implementation, and continuous improvement of a comprehensive security framework. This role will focus heavily on building out Zero Trust principles across the organization, ensuring the integrity of our systems and protecting against emerging threats. Key areas of focus include Advanced Email Security, Data Loss Prevention (DLP), Insider Threat prevention, Endpoint Security, Identity and Access Governance, Security Awareness Training, Configuration management and Infrastructure as Code, Incident Response (SOAR automation), Regulatory Compliance and SaaS Security Posture. The successful candidate will be an expert in these domains and have a proactive mindset for staying ahead of potential threats and regulatory requirements.

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience.
  • 3+ years of experience in enterprise security, with a focus on Zero Trust, Advanced Email Security, DLP, and Endpoint Security.
  • Proven experience in Zero Trust architecture design and implementation.
  • Strong knowledge of identity governance frameworks, SaaS security, and compliance requirements like SOX and SOC 2.
  • Experience with Incident Response and advanced threat detection methodologies (experience with SOAR tools like Tines is highly preferred).
  • Proficiency in scripting and automating security processes using Python, PowerShell, or similar languages.
  • Experience with IAM technologies such as Okta, Sailpoint, etc.
  • Experience with Endpoint Management and Detection technologies such as JAMF, Kandji, Crowdstrike, etc.
  • Experience with configuration management and infrastructure as code tools (e.g., Ansible, Terraform).
  • Experience working on cloud infrastructure, especially AWS and its Security services suite
  • Solid understanding or experience working in containerized environments and familiarity with GitOps flow
  • The proven ability to work independently with minimal supervision and ability to perform and oversee complex tasks and prioritize multiple tasks based on overall strategic goals
  • Real passion for technology and desire to build tooling from ground-up and to tackle complex problems with creative solutions.
  • The capability to interface with multiple levels of the organization and to serve as an influencer and a team player
  • Strong presentation, facilitation, and written/verbal communication skills

Nice To Haves

  • Industry certifications such as CISSP, CISM, CEH, or GIAC are a plus.

Responsibilities

  • Lead the implementation of Zero Trust security frameworks across the enterprise, focusing on continuous verification and least privilege access models.
  • Develop and manage Advanced Email Security solutions to protect against phishing, spoofing, and other email-based attacks.
  • Deploy and maintain Data Loss Prevention (DLP) technologies to prevent unauthorized access or exfiltration of sensitive data.
  • Implement and enhance Insider Threat prevention programs to mitigate risks from internal actors.
  • Manage and optimize Endpoint Security solutions to safeguard all corporate devices.
  • Collaborate with Identity and Access Governance teams to enforce secure and efficient access control policies.
  • Ensure ongoing compliance with SOX and SOC 2 standards, performing regular audits and gap assessments.
  • Deliver Security Awareness Training programs to educate employees on the latest security threats and best practices.
  • Advocate for and deploy Infrastructure as Code to automate security configurations and infrastructure, specifically using Terraform.
  • Lead Incident Response efforts for enterprise security, developing automation playbooks, conducting root cause analysis to mitigate security incidents swiftly and participate in security on-call rotation.
  • Establish and maintain a robust SaaS Security Posture to ensure third-party services are securely integrated.
  • Collaborate with cross-functional teams to integrate security into all stages of the Software Development Life Cycle (SDLC).

Benefits

  • Competitive salary, equity, benefits, and perks for all full-time employees
  • Employer-paid medical, dental, and vision insurance (Country specific)
  • Retirement employer match
  • Learning & Development stipend to invest in your professional development
  • Turo host matching program
  • Turo travel credit
  • Cell phone and internet stipend
  • Paid time off to relax and recharge
  • Paid holidays, volunteer time off, and parental leave
  • For those who are in the office full-time or hybrid we have in-office lunch, office snacks, and fun activities
© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service