Senior Security Engineer

At Semperis, our mission is to be a Force for Good. Starting with being a great place to work. We believe that when people feel valued, supported, and empowered, they do their best work. That’s why we focus on creating an employee experience rooted in purpose, growth, and balance. Semperis has been recognized as one of America’s Fastest-Growing Cybersecurity Companies by the Inc. 5000, a DUNS 100 Top Startup to Work For, and a multi-year Inc. Best Workplace awardee.

**Candidates must be U.S. citizens to be considered for this role.

About the Role

We’re looking for a hands‑on Senior Security Engineer with broad experience across enterprise security — identity, cloud, collaboration platforms, and endpoints. This is not a traditional SOC or Detection & Response role. Your focus will be on building, improving, and scaling the security controls, guardrails, and automation that protect a modern, cloud‑first environment.

You’ll work closely with engineering, IT, and compliance teams to strengthen our security posture, drive security initiatives end‑to‑end, and ensure our environments remain secure as we grow. Deep experience with cloud identity and access platforms is especially important. Experience with data protection (DLP/DSPM) is a strong plus.

What You Will Do

Identity & Access Security

• Engineer and operate identity security controls, including just‑in‑time access, privileged elevation, federation, conditional access, strong authentication, and least‑privilege patterns.
• Strengthen identity governance across cloud and enterprise environments, including role design, access reviews, and lifecycle processes.

Cloud Security & Governance

• Build and maintain cloud guardrails across multi‑cloud environments (policies, blueprints, configuration rules, organizational guardrails).
• Implement and tune cloud security posture / CNAPP capabilities to continuously monitor, prioritize, and reduce misconfigurations and exposed risks.
• Analyze cloud IAM configurations and identity behavior to identify risky patterns, excessive permissions, and gaps in controls.

Endpoint, Collaboration & Data Security

• Enhance endpoint security through EDR tuning, hardening baselines, and consistent configuration enforcement.
• Own key corporate security controls across email, collaboration, endpoints, cloud applications, and endpoint privilege management.
• Support data protection initiatives, including DLP/DSPM policies, classifications, and monitoring, with a focus on usable, business‑aligned controls.

Automation & Engineering

• Develop automation and tooling (for example, using scripting languages and workflow/serverless automation services) to improve visibility, consistency, and reduce manual effort.
• Build scalable, business‑aligned security controls that integrate smoothly into engineering, IT, and operational workflows.

Security Architecture & Cross‑Functional Work

• Contribute to the long‑term security architecture and strategy for identity, cloud, endpoints, and data protection.
• Lead small to medium security projects end‑to‑end: define scope, align stakeholders, implement, and follow through on outcomes.
• Collaborate with compliance and risk teams to maintain and audit controls aligned with relevant frameworks and certifications.
• Provide guidance and mentorship to cross‑functional teams on secure patterns and best practices.

What You Will Bring

• 5+ years of hands‑on experience as a Security Engineer with exposure to identity, endpoint, and cloud security.
• Strong understanding of identity security and governance (privileged access, strong authentication, conditional access, federation, access reviews, and role design).
• Experience with endpoint security (hardening, configuration baselines, detection and response capabilities).
• Experience with data protection (DLP/DSPM), endpoint privilege management (EPM), or privileged access management (PAM) solutions is a strong plus.
• Ability to script or automate using languages such as Python, PowerShell, or JavaScript.
• Experience building automation using workflow orchestration and serverless platforms (for example, runbooks, pipelines, and function‑as‑a‑service patterns).
• Strong understanding of IAM concepts and identity behavior across multi‑cloud environments.
• Experience implementing practical, business‑aligned security controls in cloud environments (experience in more than one major cloud is a plus).
• Ability to work independently, make informed decisions, and manage competing priorities.
• Experience collaborating with distributed teams and cross‑functional stakeholders.
• Familiarity with DevOps practices and Agile methodologies is a plus.

Why Join Semperis? You’ll be part of a global team on the front lines of cybersecurity innovation. At Semperis, we celebrate curiosity, integrity, and people who take initiative. If you’re someone who sees the glass as half full, embraces challenges as growth opportunities, and values a healthy balance between work and life—we’d love to meet you.

**Semperis maintains office locations in several cities across the globe. Candidates who reside within 45 miles of one of our offices—or where the job description specifies a required location—will follow our hybrid work model. This includes working onsite some days per week and remotely the remaining days.

SEMPERIS IS AN EQUAL OPPORTUNITY EMPLOYER AND WILL NOT DISCRIMINATE AGAINST AN APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, CREED, NATIONAL ORIGIN OR ANCESTRY, ETHNICITY, SEX (INCLUDING GENDER, PREGNANCY, SEXUAL ORIENTATION, AND GENDER IDENTITY), AGE, PHYSICAL OR MENTAL DISABILITY, VETERAN OR MILITARY STATUS, GENETIC INFORMATION, CITIZENSHIP, MARITAL STATUS, OR ANY OTHER LEGALLY RECOGNIZED PROTECTED BASIS UNDER FEDERAL, STATE, OR LOCAL LAW. THE INFORMATION COLLECTED BY THE SEMPERIS APPLICATION IS SOLELY TO DETERMINE SUITABILITY FOR EMPLOYMENT, VERIFY IDENTITY, AND MAINTAIN EMPLOYMENT STATISTICS.

APPLICANTS WITH DISABILITIES MAY BE ENTITLED TO REASONABLE ACCOMMODATION UNDER THE AMERICANS WITH DISABILITIES ACT AND/OR OTHER APPLICABLE STATE OR LOCAL LAWS. A REASONABLE ACCOMMODATION IS A CHANGE IN THE WAY THINGS ARE NORMALLY DONE WHICH WILL ENSURE AN EQUAL EMPLOYMENT OPPORTUNITY WITHOUT IMPOSING UNDUE HARDSHIP ON SEMPERIS. PLEASE INFORM SEMPERIS REPRESENTATIVE ANNA TAYLOR, DIRECTOR OF GLOBAL RECRUITING, IF YOU NEED ASSISTANCE COMPLETING THIS APPLICATION OR TO OTHERWISE PARTICIPATE IN THE APPLICATION PROCESS.