Corporate Security Engineer

Corporate Security Engineer.

Location: #Remote.
Salary: $194.4K – $243K.
Employer: Docker.

Responsibilities:
• Own and continuously improve Docker's Identity and Access Management infrastructure, including SSO, MFA enforcement, lifecycle management, and access governance.
• Discover, map inventory and conduct security reviews on third-party integrations and drive security improvements across our SaaS application ecosystem.
• Secure and harden our core collaboration as well as documentation platforms, including email, document sharing, and communication tools.
• Define and enforce device compliance policies across our corporate device fleet; own the end-to-end compliant device experience.
• Mature a Zero Trust security model across corporate infrastructure, enforcing conditional access based on identity.
• Establish and maintain an approved application governance program across desktop, browser, developer tooling, and third-party AI services, with appropriate monitoring and risk-based controls.
• Contribute to the team's incident response capability, bringing corporate IT and identity expertise to investigations and remediation efforts.
• Design and deploy canaries across our endpoint fleet, for increased visibility and early-warning capabilities
Participate in the Security team on-call rotation by managing detection and response to security events .
• Own and continuously improve employee lifecycle security processes, ensuring robust controls at both onboarding and offboarding.
• Maintain IT security evidence and documentation supporting compliance with SOC2 and ISO ISO 27xxx.
• Take part in on-call rotation for your team; respond to incidents, debug production issues, and drive continuous improvement of system reliability.

Requirements:
• 6+ years in IT systems engineering with emphasis on automation, and hands-on experience in identity access management, and security best practices.
• Deep hands-on expertise with Enterprise IdP (SSO, MFA, lifecycle management, groups, API automation).
• Strong experience securing Google Workspace at an admin level.
• Experience with MDM solutions and endpoint hardening.
• Solid understanding of OAuth, SAML, OIDC, and modern identity and access patterns.
• Experience governing SaaS applications at scale: inventory, risk assessment, integration audits.
• Scripting or automation skills (Golang, Python, Bash, Terraform, or similar) for API integration work.
• Ability to write and own technical design documents and risk assessments.
• Strong cross-functional communication — able to work effectively with GRC, IT, legal, and non-technical stakeholders.
• Experience with compliance frameworks such as SOC2 or ISO 27xxx.

⚡ Показать контакты

#Удаленка #ИБ