Skip to content
RampRampNew York, NY

Senior Security Engineer, Endpoint

Architect endpoint security posture for macOS, Windows, and mobile fleets at Ramp. Build MDM policies as code with Terraform/GitOps, automate patching and software distribution, mine telemetry for detections, and shape security for an agentic AI future. Requires deep macOS/MDM experience and strong IaC skills.

172k – 236k
Hybrid5+ YOESecurity Engineering

About the role

What You’ll Do

  • Write and ship MDM policy as code — configuration profiles, remediation scripts, and enforcement rules across macOS, Windows, and mobile — with staged rollouts and rollback from day one
  • Build patch automation that closes exposure windows fast without making employees' lives worse
  • Manage software distribution across the fleet
  • Mine fleet telemetry for signal — build dashboards, drift alerts, and AI-assisted automation that cuts toil before it compounds
  • Own managed browser and extension policy: enforce what's allowed, block what isn't, and keep the control plane auditable as the surface grows
  • Be the last line of defense on endpoint escalations that IT Operations can't crack

What You Need

  • Deep macOS security experience — Jamf Pro, FleetDM, or equivalent MDM at scale
  • Strong IaC fundamentals and a GitOps delivery model — Terraform modules, remote state, and CI pipelines shipped through MRs and code review, not tickets and manual steps
  • Solid working knowledge of Google Workspace in a managed enterprise environment, including Chrome Browser Cloud Management and extension policy enforcement
  • A point of view on how agentic AI changes the corporate security surface

Nice-to-Haves

  • Have shipped real work with open source endpoint and device management tooling
  • Have built automated, progressive rollout systems based on fleet telemetry
  • Have managed a mixed fleet — macOS, Windows, and mobile — with real depth on at least one platform
  • Have put AI to work on real operational problems, not just prototyped

Benefits

  • Flexible PTO
  • Unlimited AI token usage
  • Centralized home-office equipment ordering
  • Health and wellness stipend
  • Budget for intra-office travel
  • Weekly coffee stipend
  • 100% medical, dental & vision insurance coverage (US)
  • 401(k) with employer match
  • Fertility HRA (up to $10,000 per year)
  • Parental leave: up to 16 weeks at 100% pay
  • Pet insurance
  • In-office perks: lunch, snacks, drinks
  • Relocation support to NYC or SF

Skills

Macos SecurityMDMJamf ProFleetdmTerraformGitOpsIacGoogle WorkspaceChrome Browser Cloud ManagementEndpoint SecurityPatch ManagementTelemetry Analysis
Snowflake

Senior Security Architect, Applied Field Engineering (AFE)

SnowflakeMenlo Park, CA +2

Drives strategic customer engagements to architect secure AI and data platforms on Snowflake, transitioning from legacy security to unified architectures with AI governance, IAM, and compliance. Requires 5+ years in security, data, or AI engineering with strong customer-facing skills.

172k – 226k
On-site5+ YOESecurity Engineering
Snowflake

Senior Security Architect, Applied Field Engineering (AFE)

SnowflakeNew York, NY +1

Drives strategic customer engagements to architect secure data platforms on Snowflake, focusing on AI security, identity management, and modern SecOps. Partners with sales and engineering to transition customers to unified security architectures with 5+ years experience in security or data engineering.

172k – 226k
Hybrid5+ YOESecurity Engineering
Upstart

Senior Manager, Technology Risk

UpstartUnited States

Lead second-line technology and information security risk oversight for a de novo national bank, establishing the 2LOD technology risk framework and providing independent oversight of IT, cybersecurity, and cloud infrastructure.

172k – 238k
Remote8+ YOESecurity Engineering
Rokt

GRC Automation & Assurance Lead

RoktNew York, NY

Lead GRC audit, assurance, and compliance programs while architecting and shipping AI agents to automate evidence collection, control testing, questionnaires, and audit prep for ISO 27001 and SOC 2.

174k – 215k
On-site4+ YOESecurity Engineering
Illumio

Sr. Threat Researcher

IllumioSunnyvale, CA

Senior Threat Researcher analyzes large-scale security datasets to identify attacker TTPs, maps threats to MITRE ATT&CK, and collaborates with product teams to enhance detection, risk insights, and segmentation strategies at a cybersecurity firm. Requires 5+ years in threat research or related fields.

170k – 196k
On-site5+ YOESecurity Engineering