Key skills
AIAgenticOktaSaaSLeadershipStakeholder ManagementCommunicationCollaboration
About this role
Outreach is a complete agentic AI platform for revenue teams, and they are seeking a Senior Staff Security Engineer to lead their Corporate Security program. The role involves improving email security, managing vulnerabilities, and enhancing endpoint security while partnering with IT and Security teams to reduce enterprise risk.
Responsibilities:
- Own and continuously improve our email security posture, including configuration hardening, policy management, abuse reduction, and safe enablement of business workflows
- Design, implement, and tune Data Loss Prevention (DLP) controls to reduce accidental and intentional data exposure across endpoints and collaboration workflows (e.g., email and file sharing)
- Lead the vulnerability and patch management program for corporate endpoints and back-office systems—defining SLAs, improving coverage and accuracy, and driving remediation with IT and system owners
- Own our endpoint security strategy for workstations, including baseline hardening, AV/EDR coverage and tuning, and continuous improvements to device posture
- Own and lead phishing and account compromise prevention for employees, including training, periodic phishing tests, and responding to reports
- Partner with IT and Security teammates to strengthen identity security in Okta and Entra, focusing on practical controls like MFA enforcement, conditional access patterns, and reducing over-privilege
- Operate and improve core security tooling (e.g., AV/EDR, vulnerability management, security awareness and phishing simulation platforms), and establish metrics that clearly communicate coverage, risk reduction, and operational health
- Provide senior technical leadership: influence standards, write clear documentation and runbooks, and drive cross-functional execution without relying on incident response ownership as the operating model
Requirements:
- 5+ years of experience in enterprise security / corporate security / IT security, with demonstrated ownership of endpoint and back-office security capabilities
- Strong hands-on background in email security concepts and operations (policy design, controls tuning, and reducing phishing/business email compromise risk)
- Practical experience implementing and maintaining DLP and data protection controls in a way that balances risk reduction with employee productivity
- Experience running vulnerability management and patch compliance programs: defining remediation SLAs, improving asset visibility, and partnering with IT/system owners to close findings
- Experience with a modern, cloud-based, SaaS-centered environment
- Hands-on experience with AV/EDR operations and endpoint hardening best practices for modern workstation fleets
- Working knowledge of identity fundamentals and enterprise identity platforms (Okta and/or Entra), including MFA and conditional access patterns
- Excellent stakeholder management and communication skills, with the ability to turn security requirements into clear, achievable engineering work across teams