×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

Security Engineer - Corporate Security

Job in Palo Alto, Santa Clara County, California, 94306, USA
Listing for: Obsidian Security
Full Time position
Listed on 2025-12-02
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Job Description & How to Apply Below
Position: Staff Security Engineer - Corporate Security

Position Overview

We’re looking for a Staff Security Engineer to join our team and help drive our corporate security to the next level and beyond. The ideal candidate is highly technical, passionate, and team-oriented, capable of evolving our corporate security program by optimizing, maturing, automating, integrating, and evolving our existing security controls, processes, and capabilities. In this operational, hands-on role, you will engineer, architect, implement, and operate scalable security solutions across Obsidian’s global corporate environments.

The Staff Security Engineer reports to the Chief Information Security Officer, works within the Security Team, partners closely with Product Security, GRC, IT, and Engineering, and will have the support and autonomy to drive maturity and technical excellence within Obsidian’s corporate security program and operations. Candidates should be highly technical team players with experience in cybersecurity engineering, operations, analysis, incident response, threat and vulnerability management, security posture management, and related disciplines.

This is a multi-faceted role in a fast-moving startup and requires ownership mentality, sound judgment, and initiative.

Your Responsibilities Will Include:

  • Corporate Security Operations and Architecture
  • Support IT by enhancing and automating security controls for corporate IT systems, including Google Workspace, Microsoft 365, Salesforce, Meraki, Jamf, Atlassian, Notion, and Slack.
  • Operate, integrate, monitor, and automate security tooling such as endpoint detection and response, SIEM, SaaS Security Platforms, Email Security Platforms, CNAPP, MDM, EPM, and firewall technologies.
  • Define, implement, and enforce secure and hardened patterns for corporate endpoint deployments and operations.
  • Create automation workflows for security incident detection and response across corporate environments.
  • Secure Identity Access Management and Privilege Access Management systems, and ensure least privilege access and RBAC models are designed and implemented.
  • Ensure corporate password and secrets managers are securely hardened and monitored.
  • Support product penetration testing and corporate red teaming exercises.
  • Support security program continuity and resiliency by maturing security documentation, processes, and runbooks. Build playbooks for recurring security events and operations.
  • Perform regular access reviews and corporate vulnerability management.
  • Drive zero-trust principles in corporate network communication and access control.
  • Security Governance, Risk Management, and Compliance
  • Support the GRC Team with security compliance for standards such as SOC 2 and ISO 27001.
  • Assist the GRC Team with internal and external security audits such as SOC 2 and ISO 27001.
  • Maintain accurate inventories of systems, users, and data flows across the corporate environment.
  • Help drive security awareness and training programs across the company.
  • Conduct Third-party Risk Management in support of the procurement of corporate products and services
  • Support the GRC Team with inbound customer and prospect security reviews and due diligence.
  • Ensuring Obsidian assets are managed to a high-security standard
  • Implement security tooling, automation, and orchestration as needed for detection, response, reporting, and vulnerability management capabilities.
  • Ensure that security tooling is maintained, optimized, and consistently deployed across the Obsidian install base.
  • Develop security threat detection rules and analytics within Obsidian security tooling systems and drive posture security maturity.

What We’re Looking For

  • A person who is excited about working at an industry-leading cybersecurity startup company with enterprise security needs.
  • At least 6 years of Security Engineering and Operations experience.
  • Proficiency in the following security domains:
    Endpoint Detection and Response, SIEM, Network Security Monitoring and Hardening, Endpoint Security Management and Hardening, Security Posture Management, Defense in Depth, IAM and PAM, SOAR.
  • Preference for scripting experience for security automation (e.g., Python).
  • Be obsessive about security while supporting the overall…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search