Key skills
AWSAzureGCPAzure ADEntra IDOAuthOktaSAMLSSOCloud Security
About this role
Turnkey is a developer-first infrastructure company focused on private key management and crypto security. They are seeking a Senior Corporate Security Engineer to enhance the security of Turnkey's corporate infrastructure, design security controls, and foster a strong security culture within the organization.
Responsibilities:
- Design, implement, and manage security for endpoints and distributed systems; deploy and operate our security stack (MDM, EDR/XDR, ZTNA, SSO); enforce zero-trust principles, least-privilege access, and hardening standards
- Lead initiatives around endpoint hardening, access controls, and vendor risk; conduct security design reviews, risk assessments, and vulnerability remediation; develop and enforce security policies and best practices
- Respond to security incidents with urgency and technical depth; collaborate on detection rules, alerts, and monitoring; automate workflows and create runbooks and playbooks to scale security operations efficiently
- Evangelize security best practices, build awareness programs, and partner with teams to embed 'secure by default' principles into workflows; serve as a trusted security advisor across the organization
Requirements:
- 5+ years of experience in corporate and/or enterprise security, IT security, or endpoint security engineering
- Hands-on experience with MDM Platforms (JAMF, Kandji, Intune, or similar)
- Hands-on experience with EDR/XDR solutions (Cloudstrike, SentinelOne, Microsoft Defender, etc.)
- Hands-on experience with Identity and Access Management (Okta, Azure AD/Entra ID, etc.)
- Hands-on experience with Authentication Protocols (SAML, OAuth, OIDC, SCIM, etc.)
- Hands-on experience with Zero-trust principles (device trust, conditional access, least-privilege models)
- Cloud security experience (AWS, GCP)
- macOS security expertise (architecture, hardening, and fleet management)
- Security-first mindset with practical knowledge of defense-in-depth and risk-based security
- Crypto/web3 or FinTech experience
- Detection/response experience: SIEM, log analysis, threat hunting, or SOC operations
- Knowledge of modern threat landscape: Adversary TTPs, phishing, insider threats, etc
- Security compliance experience: SOC 2, ISO 27001, or similar frameworks