Principal Security Engineer, Application Security
GitLab
GoGraphQLRubyRuby on RailsTypeScript
Senior/Staff Security Engineer – Corporate Security
Phantom
full-time
Posted on:
Location Type: Remote
Location: Remote • 🏈 Anywhere in North America
Visit company websiteSalary
💰 $225,000 - $285,000 per year
Job Level
Senior
Tech Stack
AWSAzureCloudGoGoogle Cloud PlatformiOSJamfMacOSPython
About the role
- Design, implement, and manage security for all corporate endpoints across our fully distributed workforce
- Deploy and operate our security stack including MD, EDR/XDR, ZTNA and SSO
- Implement zero-trust architecture principles including device trust, conditional access, and least-privilege controls
- Enforce security baselines, hardening standards, and compliance policies across all corporate systems
- Build and maintain secure authentication systems and identity management workflows
- Lead security initiatives for endpoint hardening, access controls, and corporate infrastructure protection
- Conduct security design reviews and risk assessments for new services, tools, and integrations
- Perform vulnerability assessments and drive remediation efforts across corporate systems
- Partner with IT and cross-functional teams to balance security requirements with business velocity
- Develop and enforce IT security policies, standards, and procedures aligned with industry best practices
- Respond to security incidents and events impacting corporate systems with urgency and technical depth
- Collaborate with the Detection & Response team to build detection rules, alerts, and monitoring for corporate infrastructure threats
- Automate security workflows using Python, Go, or similar languages to reduce manual toil
- Create runbooks and playbooks for common security scenarios
- Leverage security tooling and automation to scale security operations efficiently
- Evangelize security best practices through education, training, and internal communications
- Build security awareness programs that empower employees to make secure decisions
- Partner with engineering teams to embed "secure by default" principles into development workflows
- Serve as a trusted security advisor across the organization
Requirements
- 5+ years of experience in corporate/enterprise security, IT security, or endpoint security engineering
- Deep hands-on expertise with:
- MDM platforms: JAMF, Kandji, Intune, or similar for macOS/iOS fleet management
- EDR/XDR solutions: CrowdStrike, SentinelOne, Microsoft Defender, or similar
- Identity & Access Management: Okta, Azure AD/Entra ID, or similar SSO/IAM platforms
- Authentication protocols: SAML, OAuth, OIDC, SCIM
- Zero Trust architecture: Device trust, conditional access, identity verification, and least-privilege access models
- Strong scripting/automation skills: Python, Go, Bash for security automation and tooling
- Cloud security knowledge: Hands-on experience with AWS, GCP, or Azure
- macOS security expertise: Deep understanding of macOS security architecture, hardening, and management
- Proven ability to independently manage projects, navigate ambiguity, and drive initiatives to completion
- Collaboration skills: Ability to work cross-functionally, influence without authority, and translate security requirements for non-technical stakeholders
- Security-first mindset with practical knowledge of zero-trust principles, defense-in-depth, and risk-based security.
Benefits
- Competitive salary and equity
- Comprehensive insurance (medical/dental/vision) — 100% covered
- Stipend for your ideal remote set-up
- Flexible hours and a supportive remote environment
- Unlimited vacation: Take time when you need it (and we really mean it!)
- 401(k) retirement plan
- Monthly wellness benefit
- Weekly meal benefit
- Global off-sites
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
endpoint securityzero-trust architecturevulnerability assessmentssecurity automationauthentication protocolscloud securitymacOS securityidentity managementsecurity design reviewsrisk assessments
Soft skills
project managementcollaborationinfluence without authoritycommunicationsecurity awarenesseducation and trainingproblem-solvingtechnical depthinitiativeadaptability
