Writer

Security engineer, enterprise security

Writer

full-time

Posted on:

Origin:  • 🇺🇸 United States • New York

Visit company website
AI Apply
Manual Apply

Job Level

SeniorLead

Tech Stack

AndroidAzureCloudiOSJamfKubernetesPython

About the role

  • Build and maintain endpoint security architecture and strategy
  • Deploy, manage, and troubleshoot enterprise browsers, EDR, DLP, AV, and other security tools
  • Implement device hardening and automated compliance checks
  • Investigate endpoint security incidents and build systems that strengthen identity, DLP, and device security
  • Own endpoint security tools; Detection & Response uses your tools for monitoring
  • Automate IAM processes to remove manual bottlenecks in user lifecycle management (onboarding → offboarding)
  • Design and implement enterprise-wide identity and authentication solutions
  • Deploy IGA, PAM, and cloud-native IAM platforms
  • Partner with engineering teams on provisioning, access termination, and entitlement management
  • Own all human/employee identities (service/machine identity managed by Cloud/Infrastructure)
  • Design and operate MDM for iOS, Android, and corporate-owned devices
  • Create compliance policies and automated enforcement
  • Integrate MDM with conditional access and zero trust
  • Manage BYOD programs with balanced security/privacy controls
  • Automate provisioning, configuration, and device retirement
  • Evaluate and secure third-party SaaS applications
  • Conduct technical security assessments of SaaS vendors
  • Implement enterprise SaaS security strategies
  • Partner with GRC on vendor risk requirements while you own technical controls
  • Deploy endpoint/user-focused Zero Trust security frameworks
  • Implement device trust, continuous verification, and user behavior analytics
  • Create conditional access policies based on device health and user risk
  • Automate security processes with Python, PowerShell, or similar
  • Maintain runbooks and automation for security reviews
  • Support and troubleshoot IAM systems across platforms
  • Drive data-informed prioritization for security initiatives

Requirements

  • 8+ years in enterprise security engineering (IAM & endpoint protection focus)
  • 5+ years implementing identity solutions at scale (1,000+ users)
  • Proven track record of automation with measurable process improvements
  • Deep expertise with Okta, Ping, Azure AD, CrowdStrike, SentinelOne, CyberArk
  • Strong scripting skills (Python, PowerShell)
  • SAML, OAuth, OIDC
  • EDR platforms, MDM solutions (Jamf, Intune, Workspace ONE, MobileIron)
  • DLP, insider threat programs, and endpoint/user zero trust
  • Familiarity with SOC2, ISO 27001, GDPR, HIPAA
  • History of cutting manual processes by 50%+ through automation
  • MTTR improvements for access-related incidents
  • Experience driving security initiatives that accelerate business growth
  • Experience securing AI/ML development environments
  • Background in browser security & secure web gateway implementation
  • Knowledge of container/Kubernetes security
  • Contributions to open-source security projects
  • Experience with SOAR platforms