Senior Staff Security Engineer, Corporate Security

About The Position

Requirements

• 5+ years of experience in enterprise security / corporate security / IT security, with demonstrated ownership of endpoint and back-office security capabilities.
• Strong hands-on background in email security concepts and operations (policy design, controls tuning, and reducing phishing/business email compromise risk).
• Practical experience implementing and maintaining DLP and data protection controls in a way that balances risk reduction with employee productivity.
• Experience running vulnerability management and patch compliance programs: defining remediation SLAs, improving asset visibility, and partnering with IT/system owners to close findings.
• Experience with a modern, cloud-based, SaaS-centered environment.
• Hands-on experience with AV/EDR operations and endpoint hardening best practices for modern workstation fleets.
• Working knowledge of identity fundamentals and enterprise identity platforms (Okta and/or Entra), including MFA and conditional access patterns.
• Excellent stakeholder management and communication skills, with the ability to turn security requirements into clear, achievable engineering work across teams.

Responsibilities

• Own and continuously improve our email security posture, including configuration hardening, policy management, abuse reduction, and safe enablement of business workflows.
• Design, implement, and tune Data Loss Prevention (DLP) controls to reduce accidental and intentional data exposure across endpoints and collaboration workflows (e.g., email and file sharing).
• Lead the vulnerability and patch management program for corporate endpoints and back-office systems—defining SLAs, improving coverage and accuracy, and driving remediation with IT and system owners.
• Own our endpoint security strategy for workstations, including baseline hardening, AV/EDR coverage and tuning, and continuous improvements to device posture.
• Own and lead phishing and account compromise prevention for employees, including training, periodic phishing tests, and responding to reports.
• Partner with IT and Security teammates to strengthen identity security in Okta and Entra, focusing on practical controls like MFA enforcement, conditional access patterns, and reducing over-privilege.
• Operate and improve core security tooling (e.g., AV/EDR, vulnerability management, security awareness and phishing simulation platforms), and establish metrics that clearly communicate coverage, risk reduction, and operational health.
• Provide senior technical leadership: influence standards, write clear documentation and runbooks, and drive cross-functional execution without relying on incident response ownership as the operating model.

Benefits

• Flexible time off
• 401k to help you save for the future
• Generous medical, dental, and vision coverage for full-time employees and their dependents
• A parental leave program that includes options for a paid night nurse, and a gradual return to work
• Infertility/ assisted reproductive services benefit
• Employee referral bonuses to encourage the addition of great new people to the team
• Snacks and beverages in the Office, along with fun events to celebrate
• Diversity and inclusion programs that promote employee resource groups like Outreach Women's Network, Latinx community, Outreach Black Connection, AAPI community, Pride/LGBTQIA+, Gender+, Disability Community, and Veterans/Military