This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

This role provides the opportunity to shape and advance enterprise security programs in a high-impact, technically challenging environment. You will take ownership of identity infrastructure, endpoint security, SaaS governance, and device compliance, ensuring robust protection across corporate systems. Working closely with cross-functional teams, you will design, implement, and continuously improve security controls, harden platforms, and oversee governance processes. This position balances hands-on technical execution with strategic influence, allowing you to enhance corporate security posture while supporting compliance frameworks such as SOC 2 and ISO 27xxx. You will contribute to incident response, identity management, and Zero Trust initiatives in a fully remote-first, collaborative environment.

• Own and enhance identity and access management systems, including SSO, MFA, lifecycle management, and access governance.
• Conduct security reviews of SaaS applications, third-party integrations, and internal platforms, driving risk mitigation and process improvements.
• Define and enforce device compliance policies, ensuring secure and compliant corporate device usage.
• Implement and mature Zero Trust security models across enterprise infrastructure, enforcing conditional access policies.
• Lead application governance programs for desktop, browser, developer tools, and AI services, including monitoring and risk-based controls.
• Contribute to incident response efforts, providing expertise in identity, endpoint, and corporate IT security.
• Deploy and maintain deception or canary-based detection controls to increase visibility and early-warning capabilities.
• Maintain documentation and security evidence supporting compliance with relevant standards, including SOC2 and ISO 27xxx.

Qualifications

• 6+ years of experience in IT systems engineering, emphasizing automation, identity management, and security best practices.
• Hands-on expertise with enterprise identity providers (SSO, MFA, lifecycle management, group and API automation).
• Experience securing Google Workspace and managing endpoint hardening via MDM solutions.
• Solid understanding of OAuth, SAML, OIDC, and modern identity and access patterns.
• Experience governing SaaS applications at scale, including inventory, risk assessment, and integration audits.
• Proficiency in scripting or automation languages such as Golang, Python, Bash, or Terraform.
• Ability to create and own technical design documents, risk assessments, and security runbooks.
• Strong cross-functional communication skills and experience collaborating with IT, GRC, legal, and non-technical teams.
• Familiarity with compliance frameworks including SOC2 and ISO 27xxx.
• Bonus: Experience with Zero-Trust Network Access (ZTNA), Endpoint Detection and Response (EDR), Just-in-Time (JIT) access, identity-as-code practices, and Data Leak Prevention (DLP) solutions.

Benefits

• Competitive salary range: $194,400–$243,000, with equity participation.
• Fully remote-first work environment with flexibility and freedom to balance work and life.
• 16 weeks paid parental leave.
• Home office setup and technology stipend.
• PTO and designated company-wide wellness days.
• Training stipend for conferences, courses, and professional development.
• Retirement, medical, and other benefits vary by country.
• Opportunities to contribute to a diverse, inclusive, and collaborative culture.

Company Description