IT Security Engineer

Global Brain Corporation

IT Security Engineer managing identity, access, and corporate security operations at AI startup. Collaborating on technology integration and ensuring optimal employee experience while maintaining security.

Posted 4/29/2026full-timeSan Francisco • California • 🇺🇸 United StatesMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

JamfPythonTerraform

About the role

Key responsibilities & impact

Own the corporate technology layer end-to-end — identity and access management, SaaS tooling, device security, and the employee-facing systems that keep a fast-growing company running safely.
Own our Okta environment and consolidate SSO: migrations, managing provisioning, lifecycle automation, and federation across all departments.
Implement and improve our 3-tier access entitlement model: auto-grant for Tier 1, manager approval for Tier 2, manager + security approval for Tier 3.
Build and operationalize HRIS-triggered provisioning and offboarding automation across our identity and SaaS stack.
Support access review programs and contribute to SOC 2 compliance efforts — maintaining audit trails, approval chains, and provisioning logs.
Contribute to Zero Trust and endpoint security initiatives: device trust, EDR integration, MDM, and least-privilege access across corporate and BYOD devices.
Drive SaaS hygiene across our tooling estate — shadow IT discovery, configuration hardening, and data classification in partnership with the security team.
Build the integrations and automation that eliminate manual IT work — connecting identity, HRIS, and SaaS tooling into scalable provisioning workflows.
Own the access request process end-to-end, and maintain the runbooks, documentation, and self-service resources that keep the team unblocked.
Partner on IT support for a 70+ person team –– triaging and resolving hardware and software issues with pragmatism and good judgment.
Own device lifecycle and support new hire onboarding end-to-end, ensuring a seamless Day 1 experience.

Requirements

What you’ll need

Have 4+ years of experience in IT engineering, corporate security, or a combined IT/SecOps role with hands-on ownership of identity and SaaS environments.
Have deep, practical experience with Okta — SSO configuration, lifecycle management, MFA policies, and group-based provisioning.
Have built or managed HRIS/IT integrations and understand how provisioning pipelines work across HR, identity, and downstream SaaS tools.
Have run access reviews and understand what SOC 2 access control evidence looks like — logs, approval chains, audit trails.
Are comfortable in the command line and can write scripts (Terraform, Python, Bash, or similar) to automate repetitive IT work.
Have supported end users at a fast-moving company and know how to balance velocity with security without being a blocker.
Think in terms of systems and workflows, not just tickets — you look for root causes and build durable fixes.
Thrive in ambiguous, high-agency environments and want to own a function, not just execute tasks.
Bonus points for:
Hands-on experience with Rippling or a similar HRIS platform.
Familiarity with MDM platforms (Jamf, Kandji, or Intune) for Mac and Windows fleets.
Experience with Google Workspace administration and security hardening.
Prior work at a startup where you wore both IT and security hats simultaneously.

Benefits

Comp & perks

Competitive salary plus equity
Daily lunches
Commuter benefits
401(k)
Medical, Dental, and Vision
Unlimited PTO

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

identity and access managementSaaS toolingOktaSSO configurationlifecycle managementMFA policiesprovisioning pipelinesTerraformPythonBash

Soft Skills

pragmatismgood judgmentproblem-solvingroot cause analysisadaptabilityownershipcommunicationcollaborationcritical thinkingtime management