Jobs · Information Technology · Michigan

Staff Security Engineer, Enterprise Security Engineering

Aurora · Detroit, MI · 2 wk ago
Information Technology$171k–$273k/yrFull-time

About the role

Aurora is seeking a Staff Security Engineer to join our Enterprise Security Engineering team. Reporting to the Technical Lead Manager of Security Engineering, this role is open to Aurora offices in Mountain View, San Francisco, Seattle, Pittsburgh, Dallas, Detroit, and Phoenix.

Responsibilities

  • Own the architecture and implementation of Aurora's enterprise security controls — designing the systems and integrations that protect Aurora's endpoints, identities, internal infrastructure, and SaaS environment.

  • Design and build Aurora's security telemetry and detection infrastructure, including log pipelines, SIEM integrations, and alerting frameworks — in partnership with the Security Operations Engineer who owns ongoing tuning and rule development.

  • Define and enforce enterprise security standards, conducting architecture and design reviews to ensure alignment with Aurora's security posture and risk tolerance.

  • Partner with IT, Infrastructure, and Engineering teams to embed security requirements early — shifting left on corporate IT initiatives before they become technical debt.

  • Build automation and tooling that extends the capabilities of Aurora's security platforms, reduces manual operational burden, and scales the team's impact.

  • Serve as the escalation point for enterprise security incidents requiring engineering-level investigation or remediation, and participate in the team's on-call rotation.

  • Translate security strategy into concrete, executable engineering projects with clear milestones and measurable outcomes.

Requirements

  • 12+ years of hands-on experience in enterprise security engineering or corporate information security — specifically securing employee-facing systems, endpoints, identities, and internal infrastructure (not product or application security).

  • Proficiency in at least one programming language, used in a security context — writing production-quality automation, integrations, or internal tooling (the team primarily uses Go; Python is also common).

  • Experience architecting and integrating enterprise security platforms — designing API integrations, automating workflows, and building tooling that extends platform capabilities across domains such as EDR/XDR, MDM, IAM/IGA, DLP, SaaS security, cloud security, or PKI.

  • Experience designing and building security telemetry pipelines and detection infrastructure — log ingestion, normalization, SIEM integration, and alerting architecture.

  • Experience leading cross-functional security engineering projects — defining scope, driving execution, and aligning stakeholders across Engineering and IT.

  • Track record of conducting security architecture reviews and translating findings into actionable, risk-prioritized remediation plans.

  • Experience evaluating security posture and identifying systemic gaps, with a bias toward building durable solutions rather than one-off fixes.

Qualifications

  • Experience with Zero Trust architecture and identity-centric security models (BeyondCorp-style or similar).

  • Familiarity with NIST CSF, MITRE ATT&CK, and CIS Benchmarks as engineering inputs — used to inform what to build and how to validate it, not just as compliance checkboxes.

  • Hands-on AWS security experience (SCPs, GuardDuty, Security Hub, IAM, etc.) and familiarity with integrating cloud security signals into a corporate security platform.

  • Experience with applied cryptography and PKI in a production enterprise environment — certificate lifecycle management, CA design, or secrets management.

  • Familiarity with securing AI/ML platforms or applications built on LLMs, RAG pipelines, or MCP-based architectures.

  • Security certifications such as CISSP, GCED, GREM, or similar (valued but not required).

Similar jobs