Sr. Security Engineer, Enterprise Security
As the world's largest car sharing marketplace, Turo is growing fast and hiring talent in the US, Canada, the UK, France, and Australia! Our driven, down-to-earth team empowers you to push yourself, make a huge impact, and accelerate your career growth.
About the team:
Turo is searching for a highly motivated and versatile Sr. Security Engineer to spearhead our efforts in securing enterprise systems and data through the design, implementation, and continuous improvement of a comprehensive security framework. This role will focus heavily on building out Zero Trust principles across the organization, ensuring the integrity of our systems and protecting against emerging threats.
Key areas of focus include Advanced Email Security, Data Loss Prevention (DLP), Insider Threat prevention, Endpoint Security, Identity and Access Governance, Security Awareness Training, Configuration management and Infrastructure as Code, Incident Response (SOAR automation), Regulatory Compliance and SaaS Security Posture.
The successful candidate will be an expert in these domains and have a proactive mindset for staying ahead of potential threats and regulatory requirements.
What You’ll Do:
- Lead the implementation of Zero Trust security frameworks across the enterprise, focusing on continuous verification and least privilege access models.
- Develop and manage Advanced Email Security solutions to protect against phishing, spoofing, and other email-based attacks.
- Deploy and maintain Data Loss Prevention (DLP) technologies to prevent unauthorized access or exfiltration of sensitive data.
- Implement and enhance Insider Threat prevention programs to mitigate risks from internal actors.
- Manage and optimize Endpoint Security solutions to safeguard all corporate devices.
- Oversee Identity and Access Governance solutions to enforce secure and efficient access control policies.
- Ensure ongoing compliance with SOX and SOC 2 standards, performing regular audits and gap assessments.
- Deliver Security Awareness Training programs to educate employees on the latest security threats and best practices.
- Advocate for and deploy Infrastructure as Code to automate security configurations and infrastructure, specifically using Terraform.
- Lead Incident Response efforts for enterprise security, developing automation playbooks and conducting root cause analysis to mitigate security incidents swiftly.
- Establish and maintain a robust SaaS Security Posture to ensure third-party services are securely integrated.
- Collaborate with cross-functional teams to integrate security into all stages of the Software Development Life Cycle (SDLC).
Your profile:
- Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience.
- 5+ years of experience in enterprise security, with a focus on Zero Trust, Advanced Email Security, DLP, and Endpoint Security.
- Proven experience in Zero Trust architecture design and implementation.
- Strong knowledge of identity governance frameworks, SaaS security, and compliance requirements like SOX and SOC 2.
- Experience with Incident Response and advanced threat detection methodologies.
- Proficiency in scripting and automating security processes using Python, PowerShell, or similar languages.
- Experience with configuration management and infrastructure as code tools (e.g., Ansible, Terraform).
- Experience working on cloud infrastructure, especially AWS and its Security services suite.
- Solid understanding or experience working in containerized environments and familiarity with GitOps flow.
- Real passion for technology and desire to build tooling from ground-up and to tackle complex problems with creative solutions.
- Strong presentation, facilitation, and written/verbal communication skills.
- Industry certifications such as CISSP, CISM, CEH, or GIAC are a plus.
The San Francisco base salary target range for this full-time position is $140,000-$175,000 + bonus + equity + benefits. Our salary ranges are determined by role, level, and location. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position in this location. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training.
We are committed to building a diverse team. If you are from a background that's underrepresented in tech, we'd love to meet you.
Turo is an Equal Opportunity Employer and a participant in the U.S. Federal E-Verify program. Women, minorities, individuals with disabilities and protected veterans are encouraged to apply. We welcome people of different backgrounds, experiences, abilities and perspectives.
Turo will consider qualified applicants with criminal histories in a manner consistent with the San Francisco Fair Chance Ordinance, as applicable.
We welcome candidates with physical, mental, and/or neurological disabilities. If you require assistance applying for an open position, or need accommodation during the recruiting process due to a disability, please submit a request to People Operations by emailing PeopleOps@turo.com .
#J-18808-Ljbffr