Architect endpoint security posture for macOS, Windows, and mobile fleets at Ramp. Build MDM policies as code with Terraform/GitOps, automate patching and software distribution, mine telemetry for detections, and shape security for an agentic AI future. Requires deep macOS/MDM experience and strong IaC skills.
172k – 236k
Hybrid5+ YOESecurity Engineering
About the role
What You’ll Do
Write and ship MDM policy as code — configuration profiles, remediation scripts, and enforcement rules across macOS, Windows, and mobile — with staged rollouts and rollback from day one
Build patch automation that closes exposure windows fast without making employees' lives worse
Manage software distribution across the fleet
Mine fleet telemetry for signal — build dashboards, drift alerts, and AI-assisted automation that cuts toil before it compounds
Own managed browser and extension policy: enforce what's allowed, block what isn't, and keep the control plane auditable as the surface grows
Be the last line of defense on endpoint escalations that IT Operations can't crack
What You Need
Deep macOS security experience — Jamf Pro, FleetDM, or equivalent MDM at scale
Strong IaC fundamentals and a GitOps delivery model — Terraform modules, remote state, and CI pipelines shipped through MRs and code review, not tickets and manual steps
Solid working knowledge of Google Workspace in a managed enterprise environment, including Chrome Browser Cloud Management and extension policy enforcement
A point of view on how agentic AI changes the corporate security surface
Nice-to-Haves
Have shipped real work with open source endpoint and device management tooling
Have built automated, progressive rollout systems based on fleet telemetry
Have managed a mixed fleet — macOS, Windows, and mobile — with real depth on at least one platform
Have put AI to work on real operational problems, not just prototyped
Senior Security Architect, Applied Field Engineering (AFE)
SnowflakeMenlo Park, CA +2
Drives strategic customer engagements to architect secure AI and data platforms on Snowflake, transitioning from legacy security to unified architectures with AI governance, IAM, and compliance. Requires 5+ years in security, data, or AI engineering with strong customer-facing skills.
172k – 226k
On-site5+ YOESecurity Engineering
Senior Security Architect, Applied Field Engineering (AFE)
SnowflakeNew York, NY +1
Drives strategic customer engagements to architect secure data platforms on Snowflake, focusing on AI security, identity management, and modern SecOps. Partners with sales and engineering to transition customers to unified security architectures with 5+ years experience in security or data engineering.
172k – 226k
Hybrid5+ YOESecurity Engineering
Senior Manager, Technology Risk
UpstartUnited States
Lead second-line technology and information security risk oversight for a de novo national bank, establishing the 2LOD technology risk framework and providing independent oversight of IT, cybersecurity, and cloud infrastructure.
172k – 238k
Remote8+ YOESecurity Engineering
GRC Automation & Assurance Lead
RoktNew York, NY
Lead GRC audit, assurance, and compliance programs while architecting and shipping AI agents to automate evidence collection, control testing, questionnaires, and audit prep for ISO 27001 and SOC 2.
174k – 215k
On-site4+ YOESecurity Engineering
Sr. Threat Researcher
IllumioSunnyvale, CA
Senior Threat Researcher analyzes large-scale security datasets to identify attacker TTPs, maps threats to MITRE ATT&CK, and collaborates with product teams to enhance detection, risk insights, and segmentation strategies at a cybersecurity firm. Requires 5+ years in threat research or related fields.