Corporate Security Engineer

Canada•United States

Remote

Senior

Full Time

7 days ago

💰$ 189,400 - $ 243,000

remotesecuritycorporate_securityidentity_managementendpoint_securitySaaS_governancedevice_compliance

Requirements

•6+ years in IT systems engineering with emphasis on automation, and hands-on experience in identity access management, and security best practices
•Deep hands-on expertise with Enterprise IdP (SSO, MFA, lifecycle management, groups, API automation)
•Strong experience securing Google Workspace at an admin level
•Experience with MDM solutions and endpoint hardening
•Solid understanding of OAuth, SAML, OIDC, and modern identity and access patterns
•Experience governing SaaS applications at scale: inventory, risk assessment, integration audits
•Scripting or automation skills (Golang, Python, Bash, Terraform, or similar) for API integration work
•Ability to write and own technical design documents and risk assessments
•Strong cross-functional communication — able to work effectively with GRC, IT, legal, and non-technical stakeholders
•Experience with compliance frameworks such as SOC2 or ISO 27xxx

•Own and continuously improve Docker's Identity and Access Management infrastructure, including SSO, MFA enforcement, lifecycle management, and access governance
•Discover, map inventory and conduct security reviews on third-party integrations and drive security improvements across our SaaS application ecosystem
•Secure and harden core collaboration and documentation platforms, including email, document sharing, and communication tools
•Define and enforce device compliance policies across corporate device fleet; own the end-to-end compliant device experience
•Mature a Zero Trust security model across corporate infrastructure, enforcing conditional access based on identity
•Establish and maintain an approved application governance program across desktop, browser, developer tooling, and third-party AI services, with appropriate monitoring and risk-based controls
•Contribute to the team's incident response capability, bringing corporate IT and identity expertise to investigations and remediation efforts
•Design and deploy canaries across endpoint fleet for increased visibility and early-warning capabilities
•Participate in the Security team on-call rotation by managing detection and response to security events
•Own and continuously improve employee lifecycle security processes, ensuring robust controls at onboarding and offboarding
•Maintain IT security evidence and documentation supporting compliance with SOC2 and ISO 27xxx

•Experience with Zero-Trust Network Access solutions (ZTNA) and Endpoint Detection and Response (EDR) tooling
•Familiarity with canary/deception-based detection techniques
•Experience implementing Just-in-Time (JIT) access patterns and identity-as-code practices
•Experience with implementing and rolling out Data Leak Prevention (DLP) solutions

•Freedom & flexibility; fit your work around your life
•Designated quarterly Whaleness Days plus end of year Whaleness break
•Home office setup; we want you comfortable while you work
•16 weeks of paid Parental leave
•Technology stipend equivalent to $100 net/month
•PTO plan that encourages you to take time to do the things you enjoy
•Training stipend for conferences, courses and classes
•Equity; we are a growing start-up and want all employees to have a share in the success of the company
•Docker Swag
•Medical benefits, retirement and holidays vary by country
•Remote-first culture, with offices in Seattle and Paris