Senior Enterprise Security Engineer

Life360 is a company dedicated to keeping families connected through innovative technology. As a Senior Enterprise Security Engineer, you will be responsible for designing and operating security controls that protect the company's systems and data, while collaborating with various teams to enhance security posture and compliance.

Responsibilities:

• Develop systems and tools that improve the security posture of Life360's DLP, device hardening, SaaS, and zero trust layers
• Execute security strategy and policy for Life360-built services and SaaS applications
• Review and provide architectural guidance on infrastructure systems, fleet management, and automation
• Own EDR agent deployment health and coverage across the endpoint fleet, ensuring CrowdStrike Falcon agents are installed, current, and correctly configured on every managed device; identify and close coverage gaps in partnership with IT and D&R
• Partner with D&R on log source enablement, ensuring corporate systems (Kandji, Intune, Slack, Box, Google Workspace) emit the telemetry D&R needs for detection and investigation, without owning the detection logic itself
• Build and operate agent-assisted workflows that take action across endpoint, SaaS, and awareness domains — directing AI more than doing the work by hand, with appropriate guardrails on anything that touches sensitive data or production systems
• Automate the boring parts using Python, Tray.io, Lambda, and AI agents to eliminate manual toil across endpoint, SaaS, and corporate security workflows
• Engineer controls that satisfy SOC 2 and privacy requirements across device and SaaS layers, partnering with GRC on evidence collection and audit readiness
• Own the security awareness program end-to-end, including developing and delivering training, running phishing simulations, tracking and reporting metrics, and continuously improving the program to drive measurable behavior change

Requirements:

• 5+ years in security engineering with deep hands-on ownership of endpoint security (Kandji/Intune/Jamf/CrowdStrike), SaaS security, or DLP
• Hands-on AWS security experience, including IAM policies, CloudTrail. You can investigate cloud activity end-to-end and design guardrails that actually hold
• Advanced knowledge of operating systems with core competency in two or more of: device hardening (macOS, Windows), SaaS security, DLP, or assurance and validation
• Experience securing corporate email infrastructure, including SPF, DKIM, DMARC, and anti-phishing controls in Google Workspace or equivalent
• Experience designing and operating zero trust access controls, including device trust signals, conditional access, and contextual access policies
• Proven track record driving the implementation of preventative controls
• Experience managing EDR fleet health at scale, including agent deployment, version currency, policy compliance, and coverage gap remediation (CrowdStrike Falcon preferred)
• Fluent AI user. You use Claude, Cursor, Claude Code, or equivalent as a daily driver; you know when to trust an LLM output and when not to; you've shipped automations or agents that actually work in production
• Comfortable building with APIs and MCP, not just configuring GUIs
• Clear, direct communicator who pushes back on risk and drives alignment with IT, Engineering, and leadership
• Strong collaborator who prioritizes ruthlessly and operates independently under minimal supervision
• Bias for engineering over ticketing; zero-trust mindset grounded in pragmatism
• Bachelor's degree or equivalent
• OSCP, GIAC or equivalent advanced certs
• Experience building agent-assisted security workflows with MCP servers
• Experience with DLP tooling
• Familiarity with compliance frameworks (SOC 2, ISO 27001, NIST CSF)