Security Engineer, Enterprise Security

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience.
• 3+ years of experience in enterprise security, with a focus on Zero Trust, Advanced Email Security, DLP, and Endpoint Security.
• Proven experience in Zero Trust architecture design and implementation.
• Strong knowledge of identity governance frameworks, SaaS security, and compliance requirements like SOX and SOC 2.
• Experience with Incident Response and advanced threat detection methodologies (experience with SOAR tools like Tines is highly preferred).
• Proficiency in scripting and automating security processes using Python, PowerShell, or similar languages.
• Experience with IAM technologies such as Okta, Sailpoint, etc.
• Experience with Endpoint Management and Detection technologies such as JAMF, Kandji, Crowdstrike, etc.
• Experience with configuration management and infrastructure as code tools (e.g., Ansible, Terraform).
• Experience working on cloud infrastructure, especially AWS and its Security services suite
• Solid understanding or experience working in containerized environments and familiarity with GitOps flow
• The proven ability to work independently with minimal supervision and ability to perform and oversee complex tasks and prioritize multiple tasks based on overall strategic goals
• Real passion for technology and desire to build tooling from ground-up and to tackle complex problems with creative solutions.
• The capability to interface with multiple levels of the organization and to serve as an influencer and a team player
• Strong presentation, facilitation, and written/verbal communication skills

Nice To Haves

• Industry certifications such as CISSP, CISM, CEH, or GIAC are a plus.

Responsibilities

• Lead the implementation of Zero Trust security frameworks across the enterprise, focusing on continuous verification and least privilege access models.
• Develop and manage Advanced Email Security solutions to protect against phishing, spoofing, and other email-based attacks.
• Deploy and maintain Data Loss Prevention (DLP) technologies to prevent unauthorized access or exfiltration of sensitive data.
• Implement and enhance Insider Threat prevention programs to mitigate risks from internal actors.
• Manage and optimize Endpoint Security solutions to safeguard all corporate devices.
• Collaborate with Identity and Access Governance teams to enforce secure and efficient access control policies.
• Ensure ongoing compliance with SOX and SOC 2 standards, performing regular audits and gap assessments.
• Deliver Security Awareness Training programs to educate employees on the latest security threats and best practices.
• Advocate for and deploy Infrastructure as Code to automate security configurations and infrastructure, specifically using Terraform.
• Lead Incident Response efforts for enterprise security, developing automation playbooks, conducting root cause analysis to mitigate security incidents swiftly and participate in security on-call rotation.
• Establish and maintain a robust SaaS Security Posture to ensure third-party services are securely integrated.
• Collaborate with cross-functional teams to integrate security into all stages of the Software Development Life Cycle (SDLC).

Benefits

• Competitive salary, equity, benefits, and perks for all full-time employees
• Employer-paid medical, dental, and vision insurance (Country specific)
• Retirement employer match
• Learning & Development stipend to invest in your professional development
• Turo host matching program
• Turo travel credit
• Cell phone and internet stipend
• Paid time off to relax and recharge
• Paid holidays, volunteer time off, and parental leave
• For those who are in the office full-time or hybrid we have in-office lunch, office snacks, and fun activities