RemoteLeaf Logo
Log in Sign up

Corporate Security Engineer

3 hours, 21 minutes ago
United States
Full-time
Mid Level
Security Engineer
DevOps and Infrastructure
Bash macOS OAuth Python SIEM
Apply Now
Branch

Branch

Branch (branchapp.com) offers instant payment solutions for businesses, including contractor payouts, cashless tips, and earned wage access. They connect communities for social interactions and meet-ups, partnering with leading employers to empower wor...

Professional Services
51-250
Founded 2015
$633M raised
View All Jobs 10

Description

  • Own the day-to-day administration and tuning of CrowdStrike Falcon across the endpoint fleet, including prevention policies, detections, custom IOAs, USB controls, and response runbooks.
  • Operate and mature ThreatLocker by building and maintaining application allowlists, ringfencing, storage controls, and elevation policies.
  • Administer Island Enterprise Browser policies for SaaS access, data egress, copy/paste, download, screenshot, and extension controls.
  • Drive endpoint hardening and configuration baselines for macOS and Windows, including MDM, patch SLAs, FileVault/BitLocker, and CIS-aligned benchmarks.
  • Maintain an accurate inventory of endpoints, agents, and coverage gaps, and remediate devices that fall out of compliance.
  • Own corporate-side incident response for endpoint, identity, email, and insider events from triage through containment, recovery, and post-incident review.
  • Build and run the insider risk program, including risk indicators, detections, and response playbooks across endpoint, browser, and SaaS telemetry.
  • Operate data loss prevention controls across Google Workspace, Island Browser, and endpoint channels, and investigate DLP events end to end.
  • Lead onboarding, offboarding, and transition security workflows with People Operations, including least-privilege access and monitoring of high-risk departures.
  • Harden Google Workspace and automate repetitive security work using scripting and orchestration tools, while serving as an escalation point for secure configuration and acceptable-use questions.

Requirements

  • 3–5 years of experience in corporate security, endpoint security, security operations, or insider risk roles with increasing responsibility.
  • Hands-on experience with EDR tools, ideally CrowdStrike Falcon, including detection tuning, custom IOAs/IOCs, and Real Time Response investigations.
  • Experience with application control or zero-trust endpoint tooling such as ThreatLocker, Airlock, or AppLocker.
  • Familiarity with enterprise or managed browsers such as Island, Talon, or Chrome Enterprise and the controls they enable.
  • Strong Google Workspace security background, including admin console controls, context-aware access, OAuth governance, and DLP.
  • Experience investigating incidents end to end, including phishing, malware, account compromise, DLP events, and insider risk cases.
  • Solid fundamentals in identity and access management, endpoint hardening, MDM, logging, and SIEM-based detection.
  • Scripting proficiency in Python and/or Bash; experience with security orchestration platforms such as Tines, Torq, or XSOAR is a plus.
  • Strong written and verbal communication skills for working with HR, Legal, GRC, and executive stakeholders.
  • Strong ethics and discretion for handling confidential personnel and investigative information.
  • Familiarity with security frameworks such as ISO 27001, SOC 2, PCI-DSS, NIST CSF, and CIS Benchmarks.
  • Must be currently authorized to work in the USA without sponsorship or transfer.
  • Ability to work remotely within the United States, as this role is not open to candidates outside the domestic U.S.

Benefits

  • Base salary range of $125k–$135k, with final pay adjusted based on skills, experience, education, or training.
  • Market-leading medical, dental, and vision insurance.
  • Stock options.
  • Free Premium-Tier Origin Financial Wellness subscription.
  • Monthly home-office stipend.
  • 401(k) through TransAmerica.
  • 12 weeks of paid parental leave for birthing and non-birthing parents.
  • Flexible time off, sick and safe time, and 11 paid company holidays.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

6sense

Staff Security Engineer - SecOps & Threats

6sense 1K-5K IT Services

6sense is hiring a Security Operations and Threat Management professional to protect the company through monitoring, incident response, threat research, and security automation.

United States Full-time Senior Security Engineer
$231k-$266k
AWS SIEM
2 hours, 8 minutes ago
Egen.ai

Lead Cloud Engineer- Network Specialist

Egen.ai IT Services

Egen is hiring a Lead Cloud Engineer – Network Specialist to own hands-on delivery of hybrid cloud networking and network security for client environments.

Anywhere Full-time Lead Network Engineer Security Engineer
$177k-$208k
AWS Azure GCP Load Balancing Salesforce Terraform
2 hours, 55 minutes ago
Ethos Solutions

Senior IT Engineer

Ethos Solutions 1-10 Professional Services

Ethos is hiring a Senior IT Engineer to lead its cloud-first internal IT environment and drive secure, scalable operations that support the company’s employees and business systems.

United States Full-time Senior Security Engineer Technical Support Engineer
$109k-$193k
Bash macOS Python
6 hours, 35 minutes ago
Infatica

AV Whitelisting & Endpoint Security Compatibility Engineer

Infatica 1-10 Internet Software & Services

Infatica is seeking a security engineer to help its networking and infrastructure products maintain trust and reputation across Windows environments by reducing antivirus and endpoint security false positives and managing vendor interactions.

Spain Full-time Senior Security Engineer
CrowdStrike
7 hours, 59 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers