Senior Corporate Security Engineer

Role Overview

• Lead the hardening and continuous improvement of corporate IT systems, endpoints, and third-party SaaS applications.
• Implement and maintain security controls for identity, endpoint, and network protection within corporate environments (e.g., SSO, MDM, email security, DLP).
• Conduct in-depth vendor security assessments, including technical and process evaluations of third-party products and services.
• In partnership with the compliance, BizOps, and IT teams, manage and mature the third-party risk management (TPRM) program — from onboarding assessments to continuous monitoring and remediation tracking.
• Collaborate with IT, procurement, legal, and compliance teams to ensure consistent enforcement of vendor security requirements.
• Develop and maintain security baselines, configurations, and policies for corporate technologies.
• Support internal audits, compliance reviews, and security awareness initiatives.

Requirements

• Strong understanding of endpoint, identity, and SaaS security best practices.
• Experience with third-party risk management processes and conducting in-depth vendor security reviews.
• Familiarity with corporate IT platforms (e.g., M365, Intune, Kandji, CrowdStrike, ZScaler, Proofpoint, etc.).
• Ability to assess cloud/SaaS vendors against frameworks such as SOC 2, HIPAA, ISO 27001, and CIS.

Tech Stack

• Cloud

Benefits

• Competitive compensation
• Comprehensive health benefits
• Generous PTO
• 401(k) matching
• Paid parental leave
• Hybrid work schedules
• Career development support
• Wellness programs
• Opportunities to give back through CR Cares™