Enterprise Security Engineer

Sendbird, Inc.
San Mateo, United States of America
19 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 230K

Job location

Remote
San Mateo, United States of America

Tech stack

Artificial Intelligence
Apple Mac Systems
Bash
Software as a Service
Identity and Access Management
Virtual Private Networks (VPN)
Python
Remote Access Technology
Cloud Services
Zero Trust Network Access
Data Logging
Scripting (Bash/Python/Go/Ruby)
Mitre Att&ck
Gsuite
CIS Benchmarks

Job description

  • We're building AI that handles real customer conversations at scale. That means identity systems, SaaS stacks, and endpoints that have to work, and stay secure, without getting in the way of the people building and shipping every day
  • The threat landscape isn't standing still, and neither are we. This role exists because we need someone who thinks about security the way our engineers think about product: automate what's repetitive, build what's missing, and make the secure path the easy path
  • You'll own enterprise security across endpoints, identity, cloud services, and SaaS applications for a globally distributed team. You'll work directly with IT and Engineering, and you'll use AI-powered tooling to move faster than any traditional security team. This role is for someone who scripts before they click, builds before they buy, and sees automation as a force multiplier, not a nice-to-have
  • You automate repetitive security tasks before they become recurring headaches, and you reach for Python or Bash as naturally as you reach for a runbook
  • You treat SaaS sprawl as an engineering problem, not an audit problem, and you build controls that scale without constant manual oversight
  • You think about attacker techniques (MITRE ATT&CK is a starting point, not a ceiling) and design detections that actually catch things
  • You've built or used AI-assisted workflows to speed up threat detection, alert triage, or security reporting, and you're always looking for more places to apply them
  • You hold the "secure by default" bar without being the team that slows everyone else down
  • You can explain risk trade-offs clearly to engineers and business stakeholders, not just security people
  • You're never satisfied with "we have a tool for that" if the tool isn't actually being used well
  • Harden a global MacOS fleet using EDR, NGAV, and MDM, enforcing patching cadences and security baselines at scale
  • Build and enforce IAM policies (SSO, MFA, SCIM, least-privilege), with automated provisioning and de-provisioning wherever possible
  • Secure Google Workspace and the broader SaaS stack, implementing DLP controls and logging pipelines that surface real data exposure risk
  • Administer and improve VPN and zero-trust remote access infrastructure for a distributed workforce
  • Develop AI-assisted detection and response workflows, automating alert triage, incident timelines, and routine reporting
  • Embed security into how Engineering and IT build and ship, not just how the company audits afterward
  • Monitor the threat landscape, translate attacker techniques into actionable detections, and stay ahead of what's actually being used against companies like ours
  • Build internal security tooling and dashboards where off-the-shelf falls short, using automation pipelines to close the gaps

Requirements

  • Operational experience with VPN and ZTNA platforms, and working knowledge of modern email security (SPF, DKIM, DMARC)
  • Proven ability to secure SaaS platforms with preventive and detective controls, including DLP and logging pipelines
  • Scripting proficiency in Python (strong preference), Bash, or a comparable language, used for automation, not just one-off fixes
  • 4+ years of hands-on enterprise security experience, with real depth in endpoint security across a MacOS-heavy fleet (EDR, NGAV, MDM)
  • Experience owning a risk-based security roadmap, including prioritization frameworks that tie security investment to actual business exposure
  • Deep familiarity with adversary tactics via MITRE ATT&CK, with hands-on experience designing detection and response strategies around those techniques

Benefits & conditions

  • Be Your Best Self: A generous all-in-one wellness benefit. Use it on anything from workout equipment to hobby gear to gadgets to gaming consoles.
  • AI Citizenship: As an AI-first company, we are sponsoring all members with real budget to adopt various AI software to 100x productivity and creativity.
  • Generous PTO: In addition to paid holidays, accrued vacation and sick leave, employees get paid volunteer time off, and a good amount of family or paternal leave.
  • Rest & Rejuvenate: Take a non PTO day off to enjoy your birthday or just to relax and refresh yourself.

Apply for this position