Staff Enterprise Security Engineer - Office of CISO

Founded in 2017, Obsidian Security was created to close a critical gap: securing the SaaS applications where modern business happens—platforms like Microsoft 365, Salesforce, and hundreds more.

Backed by top investors including Greylock, Norwest Venture Partners, and IVP, we've built a complete SaaS security platform to reduce risk, detect and respond to threats, and prevent breaches at the source. Our team includes leaders who helped define the categories of endpoint and identity security at CrowdStrike, Okta, Cylance, and Carbon Black.

Now, we're transforming how SaaS is secured—in the era of agentic AI.

Today, Obsidian is trusted by global enterprises like Snowflake, T-Mobile, and Pure Storage. We protect more than 200 organizations across North America, Europe, the Middle East, Southeast Asia, Australia, and New Zealand—including many of the world's largest Fortune 1000 and Global 2000 companies.

With strong global momentum, a growing partner ecosystem including SentinelOne, Databricks, and Google Cloud, and a major fundraise on the horizon, we're scaling quickly toward long-term growth and IPO readiness. Join us as we define the future of SaaS security!

Staff Enterprise Security Engineer - Office of CISO

Overview

We are seeking a highly technical, hands-on security leader to advance and scale our enterprise security program. This role will design, implement, and operate security solutions across Obsidian's global corporate environment, driving automation, maturity, and integration of security and regulatory controls. Reporting to the Head of Security, you will work cross-functionally with Engineering, Product, IT, GRC, and Business functions, and play a key role in strengthening the security posture in a fast-growing, cloud-native startup.

Key Responsibilities

• Architect, implement, and operate enterprise security systems and tooling (EDR, SIEM, SaaS security, CNAPP, MDM, etc.)
• Secure and automate IT environments (Google Workspace, M365, Salesforce, Slack, etc.)
• Design and oversee security controls for AI systems
• Strengthen IAM/PAM, enforce least privilege, and implement zero-trust principles
• Build detection, response, and automation workflows for incidents
• Lead vulnerability management, access reviews, and red teaming support
• Improve security documentation, playbooks, and operational processes
• Support GRC efforts (SOC 2, ISO 27001, audits, third-party risk, security reviews)
• Drive security awareness and overall posture maturity

Requirements

• 6+ years in security engineering/operations. Level commensurate with experience
• Strong experience across domains: EDR, SIEM, IAM/PAM, network & endpoint security, posture management, SOAR
• Experience with modern SaaS/cloud environments
• Scripting/automation skills (e.g., Python preferred)
• Ability to collaborate cross-functionally and communicate security practices effectively
• Ownership mindset, strong judgment, and ability to thrive in a fast-paced startup

What We Offer

• High-impact role in a fast-growing cybersecurity company
• Collaborative, mission-driven culture
• Opportunities for growth, research, and conference participation
• Competitive compensation, equity, and benefits