Sr. Corporate Security Engineer
Navan
United States · Remote
Posted on Nov 27, 2024
We are seeking a Senior Corporate Security Engineer to join our team. This role is integral to ensuring the security of our corporate environment across all devices, applications, and networks. The ideal candidate will have a deep understanding of enterprise IT security within a modern SaaS company and will be passionate about automating and scaling security processes. You will work on securing our corporate infrastructure, implementing cutting-edge security solutions, and collaborating with various teams to enhance our overall security posture.
What You'll Do
- Manage Workforce IAM and identity governance (IGA): Oversee and optimize our Identity and Access Management systems, specifically leveraging Okta, to ensure secure and efficient user authentication and authorization and implement access management and approval automation workflows.
- Secure Devices and Endpoints: Develop and implement security strategies for all corporate devices and endpoints to protect against unauthorized access and threats.
- Implement Zero Trust Network Access: Design and deploy Zero Trust security models to enhance network security and safeguard company resources.
- Enhance Email Security: Develop and maintain robust email security protocols to prevent phishing, spam, and other email-borne threats.
- Deploy Data Loss Prevention (DLP) Solutions: Implement DLP strategies focusing on protecting PII and PCI data within SaaS applications like Google Workspace, Salesforce, and Box.
- Enable Large-Scale Endpoint Management: Facilitate the deployment of secure operating systems and platforms at scale to reduce attack surfaces and improve endpoint management.
- Orchestrate Security Posture Checks: Automate security checks for all new infrastructure deployments to ensure compliance with security standards.
- Implement Endpoint State Attestation: Deploy tooling to continuously validate the security state of endpoints.
- Scale Proactive Security Controls: Extend security measures to new environments, including those acquired through mergers or acquisitions.
- Collaborate on Physical Security: Work closely with the physical security team to integrate security measures and communicate effectively about potential risks and solutions.
- Stay Current with Industry Trends: Keep abreast of the latest security threats, technologies, and trends to proactively address potential vulnerabilities.
- Develop Custom Security Solutions: Contribute to the development of custom and open-source security tools tailored to our needs.
What We're Looking For
- Experience: Minimum of 5 years of experience in corporate security engineering within a SaaS or similar environment.
- Technical Expertise:
- Strong knowledge of securing devices and endpoints.
- Proficiency with Okta for workforce Identity and Access Management; Okta Certification is a plus.
- Experience with access management automation and workflows, using OKTA IGA (preferred), Microsoft Entra ID,, sailpoint or a similar platform.
- Experience with securing Google Workspace and Microsoft Enterprise Suite.
- Hands-on experience implementing an enterprise zero trust network access solution such as ZScaler a strong plus.
- Familiarity with networking, switches, firewalls and minimal physical hardware setups.
- Knowledge of deploying security solutions across SaaS applications.
- Understanding of Zero Trust Network Access models.
- Experience with infrastructure management tools (Puppet, Chef, Ansible, Terraform).
- Knowledge of Data Loss Prevention strategies in SaaS applications.
- Experience with vulnerability management tools and methodologies.
- Automation Skills: Ability to automate tasks using a scripting language or no-code/low-code automation tools.
- Communication Skills: Ability to effectively communicate complex security concepts to technical and non-technical stakeholders, including collaboration with the physical security team.
- Problem-Solving Abilities: Demonstrated ability to identify security risks and develop effective mitigation strategies.
- Automation Mindset: Passion for automating processes to improve efficiency and scalability.
- Certifications:
- Nice to Have: Okta Certified Professional or higher, CISSP, CISM, or similar security certifications.
- Education: Bachelor's degree in Computer Science, Information Security, or a related field preferred.
The posted pay range represents the anticipated low and high end of the compensation for this position and is subject to change based on business need. To determine a successful candidate’s starting pay, we carefully consider a variety of factors, including primary work location, an evaluation of the candidate’s skills and experience, market demands, and internal parity.
For roles with on-target-earnings (OTE), the pay range includes both base salary and target incentive compensation. Target incentive compensation for some roles may include a ramping draw period. Compensation is higher for those who exceed targets. Candidates may receive more information from the recruiter.
For roles with on-target-earnings (OTE), the pay range includes both base salary and target incentive compensation. Target incentive compensation for some roles may include a ramping draw period. Compensation is higher for those who exceed targets. Candidates may receive more information from the recruiter.
Pay Range
$127,500—$230,000 USD