We are looking for an Information Security Engineer to help scale and mature our corporate security program in a fast-moving, high-growth environment. This role will focus on identity and access management, endpoint security, SaaS security, corporate infrastructure security, and security operations enablement.
The ideal candidate is hands-on, automation-minded, and comfortable partnering across IT, Engineering, Infrastructure, HR, and Compliance teams to improve security controls while maintaining a strong employee experience.
You will help design and operate security systems that protect corporate assets, secure employee access, improve visibility, and reduce organizational risk across cloud-first and SaaS-heavy environments.
Design, implement, and improve identity and access management controls across enterprise applications and infrastructure.
Manage and optimize SSO, MFA, lifecycle management, conditional access, RBAC, and privileged access workflows.
Partner with IT and business stakeholders to implement least-privilege access models.
Support onboarding, offboarding, and automated provisioning/deprovisioning workflows.
Conduct periodic access reviews and help drive remediation efforts.
Improve authentication security and identity posture across corporate systems.
Secure and manage corporate endpoints across macOS, Windows, and cloud-managed environments.
Improve endpoint visibility, hardening, monitoring, and response capabilities.
Help implement and tune modern endpoint protection, browser security, device trust, and web/data protection controls.
Partner with Infrastructure and IT teams on secure configuration standards and operational improvements.
Support security initiatives related to enterprise SaaS applications and collaboration platforms.
Assist with vendor and third-party security evaluations related to enterprise tooling.
Assist with security monitoring, detection engineering, and incident response activities.
Improve log visibility and telemetry coverage across identity, endpoint, and SaaS platforms.
Build and maintain detections, alerts, and operational playbooks.
Participate in incident investigations and post-incident remediation efforts.
Help operationalize security metrics and reporting.
Build automations and integrations that improve security operations efficiency.
Develop scripts and workflows to reduce manual processes.
Partner with Engineering and Infrastructure teams to improve security guardrails and operational maturity.
Contribute to infrastructure-as-code and policy-as-code initiatives where applicable.
Support security compliance initiatives such as SOC 2, ISO 27001, or similar frameworks.
Help document technical controls, processes, and operational procedures.
Participate in risk assessments and remediation tracking.
Contribute to security awareness and internal enablement efforts.
4+ years of experience in information security, security engineering, IT security, or related fields.
Experience administering enterprise identity providers and access management systems.
Experience with endpoint management and endpoint security tooling.
Familiarity with security monitoring, logging, and incident response workflows.
Strong understanding of authentication protocols and identity security concepts, including SAML, OIDC, OAuth, SCIM, MFA, conditional access, and RBAC.
Experience working in cloud-first environments using modern SaaS platforms.
Strong scripting or automation experience using Python, Bash, PowerShell, or similar.
Ability to balance security requirements with operational usability and business needs.
Strong communication and cross-functional collaboration skills.
Experience securing macOS environments at scale.
Experience with modern browser security and data protection technologies.
Experience with cloud-native security monitoring or SIEM platforms.
Familiarity with MDM/UEM platforms, EDR solutions, identity governance, and SaaS security tools.
Experience implementing automation around identity lifecycle management.
Familiarity with infrastructure-as-code or cloud security practices.
Experience in high-growth startup or enterprise environments.
Security certifications such as Security+, CISSP, GIAC, identity provider certifications, endpoint management certifications, or equivalent.