Enterprise Security Engineer at WRITER
Ready to build a security fortress that empowers, not hinders? WRITER is seeking an experienced Enterprise Security Engineer to safeguard our corporate infrastructure and champion a security-first culture. We believe strong security is a business enabler, not a roadblock. If you're passionate about blending practical security engineering with business enablement, let's talk!
As our Enterprise Security Engineer, you'll be at the forefront of designing and implementing robust security measures across our entire enterprise environment, encompassing identity, endpoints, devices, and SaaS applications. You'll collaborate closely with our Cloud/Infrastructure, GRC, Detection & Response, and Software Security Engineering teams to architect seamless, secure, and scalable systems.
Your Mission: Secure the Enterprise
Here's what you'll be responsible for:
Employee Identity & Access Management: Streamline IAM processes through automation, design and deploy enterprise-wide identity and authentication solutions, and manage IGA, PAM, and cloud-native IAM platforms. You'll own all human/employee identities.
Endpoint & Device Security: Architect and maintain our endpoint security strategy, deploying and managing enterprise browsers, EDR, DLP, AV, and other critical security tools. Implement device hardening and automated compliance checks to proactively mitigate risks.
Mobile Device Management (MDM): Design and operate MDM for iOS, Android, and corporate-owned devices. Create compliance policies, integrate MDM with conditional access and zero trust, and manage BYOD programs with a focus on balanced security and privacy controls.
SaaS & Third-Party Security: Evaluate and secure third-party SaaS applications, conduct technical security assessments of SaaS vendors, and implement robust SaaS security strategies.
Endpoint Zero Trust Implementation: Deploy endpoint/user-focused Zero Trust security frameworks, implement device trust, continuous verification, and user behavior analytics, and create conditional access policies based on device health and user risk.
Automation & Operations: Automate security processes with Python, PowerShell, or similar scripting languages. Maintain runbooks and automation for security reviews, support and troubleshoot IAM systems across platforms, and drive data-informed prioritization for security initiatives.
Role Boundaries & Collaboration
You Own:
Employee identity management (SSO, MFA, IGA, PAM)
Endpoint protection (EDR, AV, DLP)
Device trust and endpoint zero trust
Mobile device management (MDM)
SaaS application security
Vendor/partner access management
Others Lead:
Infrastructure/service identity (Cloud/Infrastructure)
Customer identity (Software Security Engineering)
Network zero trust (Cloud/Infrastructure)
Third-party risk program leadership (GRC - you implement technical controls)
Key Partnerships:
Cloud/Infrastructure: You manage human identity; they manage machine identity.
GRC: They define vendor risk requirements; you implement technical assessments.
Detection & Response: You deploy endpoint tools; they monitor for threats.
Software Security Engineering: Clear separation at employee vs. customer identity boundary.
Are You the Right Hero?
We're looking for someone with:
Required Experience:
8+ years in enterprise security engineering (IAM & endpoint protection focus)
5+ years implementing identity solutions at scale (1,000+ users)
A proven track record of automation with measurable process improvements
Deep expertise with Okta, Ping, Azure AD, CrowdStrike, SentinelOne, CyberArk
Strong scripting skills (Python, PowerShell)
Technical Expertise:
Expert knowledge of SAML, OAuth, OIDC
Proficiency with EDR platforms, MDM solutions (Jamf, Intune, Workspace ONE, MobileIron)
Experience with DLP, insider threat programs, and endpoint/user zero trust
Familiarity with SOC2, ISO 27001, GDPR, HIPAA
Execution & Impact:
A history of cutting manual processes by 50%+ through automation
Proven ability to improve MTTR for access-related incidents
Experience driving security initiatives that accelerate business growth
Bonus Points (Preferred Qualifications):
Experience securing AI/ML development environments
Background in browser security & secure web gateway implementation
Knowledge of container/Kubernetes security
Contributions to open-source security projects
Experience with SOAR platforms
Perks & Benefits (UK Full-Time Employees)
We value our employees and offer a comprehensive benefits package, including:
Generous PTO, plus company holidays
Comprehensive medical and dental insurance
Paid parental leave for all parents (12 weeks)
Fertility and family planning support
Early-detection cancer testing through Galleri
Competitive pension scheme and company contribution
Annual work-life stipends for:
Home office setup, cell phone, internet
Wellness stipend for gym, massage/chiropractor, personal training, etc.
Learning and development stipend
Company-wide off-sites and team off-sites
Competitive compensation and company stock options