Security Engineer, Corporate Security
Fresh Ventures · San Francisco, CA · Today
On-siteInformation Technology$200k–$220k/yrFull-time
About the role
Multifaceted security engineer position focusing on identity, endpoints, SaaS, and workforce infrastructure. Responsibilities include:
- Harden identity and access management stack with phishing-resistant MFA, strong SSO, and least-privilege access.
- Operate endpoint security program across macOS, Windows, and ChromeOS fleets.
- Secure AI tool usage, governance of large language models, and model context protocol integrations.
- Reduce SaaS risk at scale through SSPM tooling and custom automation.
- Write code (Python, Terraform) for access reviews, onboarding/offboarding, configuration drift detection, and audit evidence collection.
- Partner with Detection & Response for incident investigation and response.
Requirements
Minimum requirements include:
- 5+ years of hands-on experience in corporate security, enterprise security, or IT security engineering at a cloud-native company.
- Working knowledge of major identity providers (Okta, Entra, Google Workspace) and underlying protocols.
- Hands-on experience operating endpoint management and detection tooling across macOS and enterprise environments.
- Production-quality scripting and automation skills in Python or Bash, and experience with Terraform or similar infrastructure-as-code tools.
- Familiarity with SaaS security risks and integration with long-tail vendors.
- Experience with at least one major cloud platform (AWS, GCP, Azure) at the security configuration level.
Qualifications
Preferred qualifications include:
- Experience at a fast-growing tech or AI company where the security program had to outpace headcount.
- Background in IT engineering, SRE, or production engineering that transitioned into security engineering.
- Contributions to the security community through open-source tools, blog posts, or conference talks.
Skills
Essential skills required for this role include:
- Clear communication in writing and effective collaboration across IT, Engineering, Legal, People, and GRC.
- Knowledge of major identity providers (Okta, Entra, Google Workspace).
- Hands-on experience with endpoint management and detection tooling.
- Experience with SaaS security risks and governance.
- Experience with at least one major cloud platform (AWS, GCP, Azure).
- Ability to write production-quality scripts and automation in Python or Bash.
- Experience with Terraform or similar infrastructure-as-code tools.
Benefits
Notion offers a competitive compensation package, including base salary, equity, and benefits. The estimated base salary range for this role is $200,000 - $220,000 per year for roles based in San Francisco or New York City.