RemoteLeaf Logo
Log in Sign up

Corporate Security Engineer

1 month ago
United States
Full-time
Mid Level
Security Engineer
DevOps and Infrastructure
Bash macOS OAuth Python SIEM
Apply Now
Branch

Branch

Branch (branchapp.com) offers instant payment solutions for businesses, including contractor payouts, cashless tips, and earned wage access. They connect communities for social interactions and meet-ups, partnering with leading employers to empower wor...

Professional Services
51-250
Founded 2015
$633M raised
View All Jobs 9

Description

  • Own the day-to-day administration and tuning of CrowdStrike Falcon across the endpoint fleet, including prevention policies, detections, custom IOAs, USB controls, and response runbooks.
  • Operate and mature ThreatLocker by building and maintaining application allowlists, ringfencing, storage controls, and elevation policies.
  • Administer Island Enterprise Browser policies for SaaS access, data egress, copy/paste, download, screenshot, and extension controls.
  • Drive endpoint hardening and configuration baselines for macOS and Windows, including MDM, patch SLAs, FileVault/BitLocker, and CIS-aligned benchmarks.
  • Maintain an accurate inventory of endpoints, agents, and coverage gaps, and remediate devices that fall out of compliance.
  • Own corporate-side incident response for endpoint, identity, email, and insider events from triage through containment, recovery, and post-incident review.
  • Build and run the insider risk program, including risk indicators, detections, and response playbooks across endpoint, browser, and SaaS telemetry.
  • Operate data loss prevention controls across Google Workspace, Island Browser, and endpoint channels, and investigate DLP events end to end.
  • Lead onboarding, offboarding, and transition security workflows with People Operations, including least-privilege access and monitoring of high-risk departures.
  • Harden Google Workspace and automate repetitive security work using scripting and orchestration tools, while serving as an escalation point for secure configuration and acceptable-use questions.

Requirements

  • 3–5 years of experience in corporate security, endpoint security, security operations, or insider risk roles with increasing responsibility.
  • Hands-on experience with EDR tools, ideally CrowdStrike Falcon, including detection tuning, custom IOAs/IOCs, and Real Time Response investigations.
  • Experience with application control or zero-trust endpoint tooling such as ThreatLocker, Airlock, or AppLocker.
  • Familiarity with enterprise or managed browsers such as Island, Talon, or Chrome Enterprise and the controls they enable.
  • Strong Google Workspace security background, including admin console controls, context-aware access, OAuth governance, and DLP.
  • Experience investigating incidents end to end, including phishing, malware, account compromise, DLP events, and insider risk cases.
  • Solid fundamentals in identity and access management, endpoint hardening, MDM, logging, and SIEM-based detection.
  • Scripting proficiency in Python and/or Bash; experience with security orchestration platforms such as Tines, Torq, or XSOAR is a plus.
  • Strong written and verbal communication skills for working with HR, Legal, GRC, and executive stakeholders.
  • Strong ethics and discretion for handling confidential personnel and investigative information.
  • Familiarity with security frameworks such as ISO 27001, SOC 2, PCI-DSS, NIST CSF, and CIS Benchmarks.
  • Must be currently authorized to work in the USA without sponsorship or transfer.
  • Ability to work remotely within the United States, as this role is not open to candidates outside the domestic U.S.

Benefits

  • Base salary range of $125k–$135k, with final pay adjusted based on skills, experience, education, or training.
  • Market-leading medical, dental, and vision insurance.
  • Stock options.
  • Free Premium-Tier Origin Financial Wellness subscription.
  • Monthly home-office stipend.
  • 401(k) through TransAmerica.
  • 12 weeks of paid parental leave for birthing and non-birthing parents.
  • Flexible time off, sick and safe time, and 11 paid company holidays.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Accenture

Incident Response Engineer

Accenture 100K+ Professional Services

Accenture Federal Services is hiring an Incident Response Engineer to lead security incident response and investigation efforts supporting US federal government missions.

United States Full-time Lead Security Engineer
$106k-$221k
Cybersecurity SIEM
9 hours, 13 minutes ago
Ping Identity

Senior IAM Architect

Ping Identity 1K-5K IT Services

Ping Identity is hiring a Senior IAM Architect to lead its internal identity and access management practice across workforce and customer environments, with the goal of keeping the company’s identity platforms secure, scalable, and operationally effective.

United States Full-time Lead Security Engineer
$137k-$180k
CI/CD OAuth OpenID Connect REST API SAML Terraform
9 hours, 28 minutes ago
Accenture

GRC Process Architect

Accenture 100K+ Professional Services

Accenture Federal Services is hiring a Security Architect to strengthen federal security architecture by identifying enterprise risks, guiding secure-by-design solutions, and improving architecture across systems, applications, and cloud environments.

United States Full-time Senior Security Engineer
$91k-$185k
Agile Network Security SFTP TLS
9 hours, 28 minutes ago
Ping Identity

Cyber Security Engineer III

Ping Identity 1K-5K IT Services

Ping Identity is hiring a Cyber Security Engineer III to strengthen and automate security operations across its SaaS and enterprise systems, with a focus on incident response, secure system design, and security engineering.

United Kingdom Full-time Senior Security Engineer
AWS Docker GCP Go Kubernetes
9 hours, 28 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers