• 7 years of relevant security engineering work experience
• Experience with creating alignment and effective partnership with multiple teams on high impact projects while operating with ambiguity
• Background in security policy authorship and opaque product assessment
• DRI record of delivering large and high complexity projects that impact multiple teams
• History of providing technical direction, project review, and mentorship to peers and junior engineers
• Excel at owning the outcome and performance of solutions and controls delivered
• Consistently make culture choices that positively impact all Hoodies

Desirable

• We’re seeking curious, growth minded thinkers to help shape our vision, structures and systems; playing a key-role as we launch into our ambitious future
• The Corporate Security team’s mission is to ensure the security of Hoodie endpoints and corporate productivity SaaS
• As part of our Corporate Systems org, Corporate Security works alongside Corporate Applications (major SaaS sysadmins), Corporate Endpoints (fleet management), Corporate Networking (in-office connectivity), and Corporate Identity + Access (Okta Single Sign-On)
• Architect, build and proactively secure corporate infrastructure and services at scale, and securely enable business functions
• Implement strong enterprise controls such that security incidents are less likely to happen
• Have controls in place to limit the potential magnitude of an incident
• Validate our controls through technical risk and design reviews to ensure alignment with required security policies/standards
• Write security policies and guidelines to steer Hoodies on the paved road and away from security risk
• Perform risk assessments across SaaS to detect exposure and security mis-configurations in enterprise applications
• Help craft the integration and migration strategy for future mergers and acquisitions
• Design secure access controls using modern tools and techniques (e.g. WebAuthn, Okta SSO, Okta Identity Governance OIG, JIT access)
• Design endpoint state attestation tooling to ensure security configurations and a safe end user development platform (e.g., OSquery, JAMF, FleetDM, Kandji, Crowdstrike, SentinelOne, Cyberhaven, Code42)
• Design secure identity controls using Zero-Trust Identity-Aware Continuously-Evaluated policies (e.g., Managed Device Verification, Device Trust, Device Posture analysis)
• Oversight on Deploy Data Loss Prevention (DLP) solutions focusing on PII and PCI related data that may be in SaaS applications (e.g. Google Workspace, Jira, Confluence, Salesforce, ServiceNow)
• Light scripting or using "no code" workflow tools (e.g., Tines, Okta Workflows, Zapier)