Enterprise Security Engineer
About the role
Build and operate the identity system: lifecycle automation (joiner, mover, leaver), access governance and reviews, SSO and SCIM app onboarding, phishing-resistant MFA, and conditional access.
Run the enterprise security program. Own system availability, the operating metrics (fleet coverage, MTTR on enterprise vulnerabilities, access-review completion), and the continuous improvement loop.
Manage and harden the endpoint fleet through centralized device management: baseline configuration, hardening, and patch and compliance enforcement as code.
Operate endpoint detection and protection. Tune posture, drive down enterprise vulnerability exposure while maintaining engineering speed of execution.
Build automation and AI agents that eliminate manual enterprise security work: access reviews, onboarding and offboarding, drift detection, and audit evidence collection.
Partner with the broader detection and response team to deliver high-fidelity endpoint and identity telemetry to monitoring systems and support incident response efforts.
Establish secure by default standards for SaaS onboarding and enterprise tooling, including the AI tools employees are adopting.
Requirements
- Deep conviction that AI and automation should eliminate manual work, with a proven track record building agentic systems.
- 5+ years in IT or security engineering roles with an enterprise focus in fast pace technology companies.
- Deep hands-on Okta expertise with direct experience building lifecycle management, SAML/OIDC SSO, SCIM provisioning, and API-driven automation. Not console-only administration.
- Identity-first mindset: phishing-resistant authentication, conditional access, and least privilege applied at scale.
- Endpoint management at scale with Jamf, including macOS hardening and configuration-as-code. Working familiarity with Windows endpoint management.
- EDR operations with CrowdStrike Falcon or an equivalent platform.
- Strong scripting and automation in Python, Go, or TypeScript; comfortable writing infrastructure and configuration-as-code.
- Business-enablement mindset; success measured by impact and informed risk-taking, not ticket volume.
- High autonomy and comfort defining a good path forward where no playbook exists.
- Humility and curiosity; enabling employees and partner teams alongside building guardrails.
Skills
- Tech stack: Okta, Jamf, CrowdStrike Falcon, macOS, Windows, Microsoft Intune and Defender, Google Workspace, Slack, Cloudflare, Python, Go, TypeScript, Terraform, GitHub, AI tooling (OpenAI, Anthropic), Datadog.
Benefits
This role is based in our Miami office, in-person four days per week (Monday, Tuesday, Thursday, Friday). Candidates must be based within commuting distance of the office.
Pay
Competitive compensation package commensurate with experience.
Schedule
Flexible schedule to accommodate remote work options.