Senior Security Engineer

We're looking for a hands-on Senior Security Engineer with broad experience across enterprise security - identity, cloud, collaboration platforms, and endpoints. This is not a traditional SOC or Detection & Response role. Your focus will be on building, improving, and scaling the security controls, guardrails, and automation that protect a modern, cloud-first environment.

You'll work closely with engineering, IT, and compliance teams to strengthen our security posture, drive security initiatives end-to-end, and ensure our environments remain secure as we grow. Deep experience with cloud identity and access platforms is especially important. Experience with data protection (DLP/DSPM) is a strong plus.

What You Will Do

Identity & Access Security

• Engineer and operate identity security controls, including just-in-time access, privileged elevation, federation, conditional access, strong authentication, and least-privilege patterns.
• Strengthen identity governance across cloud and enterprise environments, including role design, access reviews, and lifecycle processes.

Cloud Security & Governance

• Build and maintain cloud guardrails across multi-cloud environments (policies, blueprints, configuration rules, organizational guardrails).
• Implement and tune cloud security posture / CNAPP capabilities to continuously monitor, prioritize, and reduce misconfigurations and exposed risks.
• Analyze cloud IAM configurations and identity behavior to identify risky patterns, excessive permissions, and gaps in controls.

Endpoint, Collaboration & Data Security

• Enhance endpoint security through EDR tuning, hardening baselines, and consistent configuration enforcement.
• Own key corporate security controls across email, collaboration, endpoints, cloud applications, and endpoint privilege management.
• Support data protection initiatives, including DLP/DSPM policies, classifications, and monitoring, with a focus on usable, business-aligned controls.

Automation & Engineering

• Develop automation and tooling (for example, using scripting languages and workflow/serverless automation services) to improve visibility, consistency, and reduce manual effort.
• Build scalable, business-aligned security controls that integrate smoothly into engineering, IT, and operational workflows.

Security Architecture & Cross-Functional Work

• Contribute to the long-term security architecture and strategy for identity, cloud, endpoints, and data protection.
• Lead small to medium security projects end-to-end: define scope, align stakeholders, implement, and follow through on outcomes.
• Collaborate with compliance and risk teams to maintain and audit controls aligned with relevant frameworks and certifications.
• Provide guidance and mentorship to cross-functional teams on secure patterns and best practices.

Do you have experience in Threat detection & response?, * 5+ years of hands-on experience as a Security Engineer with exposure to identity, endpoint, and cloud security.

• Strong understanding of identity security and governance (privileged access, strong authentication, conditional access, federation, access reviews, and role design).
• Experience with endpoint security (hardening, configuration baselines, detection and response capabilities).
• Experience with data protection (DLP/DSPM), endpoint privilege management (EPM), or privileged access management (PAM) solutions is a strong plus.
• Ability to script or automate using languages such as Python, PowerShell, or JavaScript.
• Experience building automation using workflow orchestration and serverless platforms (for example, runbooks, pipelines, and function-as-a-service patterns).
• Strong understanding of IAM concepts and identity behavior across multi-cloud environments.
• Experience implementing practical, business-aligned security controls in cloud environments (experience in more than one major cloud is a plus).
• Ability to work independently, make informed decisions, and manage competing priorities.
• Experience collaborating with distributed teams and cross-functional stakeholders.
• Familiarity with DevOps practices and Agile methodologies is a plus.

You'll be part of a global team on the front lines of cybersecurity innovation. At Semperis, we celebrate curiosity, integrity, and people who take initiative. If you're someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life-we'd love to meet you. **Semperis maintains office locations in several cities across the globe. Candidates who reside within 45 miles of one of our offices-or where the job description specifies a required location-will follow our hybrid work model. This includes working onsite some days per week and remotely the remaining days.