Security Engineer

About The Position

Requirements

• 3+ years of experience in information security, with hands-on experience in detection engineering, compliance operations, or security operations.
• Experience working at a SaaS company.
• Practical detection engineering skills, including writing and tuning rules in a production SIEM (Datadog preferred, Splunk, Elastic, or similar).
• Hands-on experience with a GRC platform (Drata, Vanta, or equivalent), not just theoretical SOC 2 knowledge.
• Experience responding to customer security questionnaires and supporting external audits.
• Familiarity with compliance frameworks such as SOC 2, CIS Controls, or NIST CSF.
• Strong attention to detail and ability to manage multiple compliance and security workstreams simultaneously.
• Clear written and verbal communication skills, particularly for customer-facing compliance work.

Nice To Haves

• Experience with endpoint security tools (JAMF Pro, SentinelOne, CrowdStrike Falcon, or Cloudflare Zero Trust).
• Familiarity with macOS MDM/fleet management and endpoint hardening.
• Exposure to DLP policy authoring, secure web gateway deployment, or CASB configuration.
• Relevant certifications (Security+, GSEC, CCSK, or similar).
• Experience with AWS security services or cloud security fundamentals.

Responsibilities

• Write, tune, and maintain detection rules in Datadog (SIEM) to identify threats, reduce false positives, and improve alert quality across the environment.
• Support SOC 2 audit cycles, including evidence collection, control mapping, and auditor coordination within Drata.
• Drive progress on Trust Services Criteria (TSC) expansion and CIS Controls v8 implementation, mapping controls and documenting compliance evidence.
• Respond to customer security questionnaires and support customer-facing compliance activities.
• Assist with endpoint security operations under the direction of a Senior Security Engineer, including JAMF Pro, SentinelOne or CrowdStrike Falcon, and Cloudflare Zero Trust (DLP, SWG, CASB).
• Help maintain and improve compliance documentation, security policies, and internal procedures.
• Execute on security roadmap items, contributing to projects across detection, compliance, and operational security.

Benefits

• Flexible Paid Time Off - you’re actually encouraged to use, plus 10 company holidays!
• Health Benefits - including Medical, Dental, and Vision and an HSA Match.
• 401(k) - we match 100% up to 3% of your contribution. Eligibility is immediate with 100% vesting.
• Mental Health - all employees have access to Impact Suite & to our Employee Assistance Program (EAP).
• Paid New Parent Leave & Birthing Parent Leave - so you’re able to care for your little ones.
• Supplemental Benefits - including 100% company paid Basic Life & AD&D insurance and long & short-term disability coverage.
• Nectar - our peer-to-peer recognition program to help our employees recognize the amazing work being done by other Canopians!
• Company Events - including monthly company-wide meetings, summer parties, and more.
• ERG Committees - to plan initiatives around continuing education, community outreach, recruiting, onboarding, and more.
• Fully-stocked kitchen - Keto? Vegan? Flexitarian? Mandalorian? We’ve got you covered.