Staff Enterprise Security Engineer - Office of CISO

Founded in 2017, Obsidian Security was created to close a critical gap: securing the SaaS applications where modern business happens—platforms like Microsoft 365, Salesforce, and hundreds more. Backed by top investors including Greylock, Norwest Venture Partners, and IVP, we’ve built a complete SaaS security platform to reduce risk, detect and respond to threats, and prevent breaches at the source. Our team includes leaders who helped define the categories of endpoint and identity security at CrowdStrike, Okta, Cylance, and Carbon Black. Now, we’re transforming how SaaS is secured—in the era of agentic AI. Today, Obsidian is trusted by global enterprises like Snowflake, T-Mobile, and Pure Storage. We protect more than 200 organizations across North America, Europe, the Middle East, Southeast Asia, Australia, and New Zealand—including many of the world’s largest Fortune 1000 and Global 2000 companies. With strong global momentum, a growing partner ecosystem including SentinelOne, Databricks, and Google Cloud, and a major fundraise on the horizon, we’re scaling quickly toward long-term growth and IPO readiness. Join us as we define the future of SaaS security! Staff Enterprise Security Engineer - Office of CISO Overview We are seeking a highly technical, hands-on security leader to advance and scale our enterprise security program. This role will design, implement, and operate security solutions across Obsidian’s global corporate environment, driving automation, maturity, and integration of security and regulatory controls. Reporting to the Head of Security, you will work cross-functionally with Engineering, Product, IT, GRC, and Business functions, and play a key role in strengthening the security posture in a fast-growing, cloud-native startup. Key Responsibilities Architect, implement, and operate enterprise security systems and tooling (EDR, SIEM, SaaS security, CNAPP, MDM, etc.) Secure and automate IT environments (Google Workspace, M365, Salesforce, Slack, etc.) Design and oversee security controls for AI systems Strengthen IAM/PAM, enforce least privilege, and implement zero-trust principles Build detection, response, and automation workflows for incidents Lead vulnerability management, access reviews, and red teaming support Improve security documentation, playbooks, and operational processes Support GRC efforts (SOC 2, ISO 27001, audits, third-party risk, security reviews) Drive security awareness and overall posture maturity Requirements 6+ years in security engineering/operations. Level commensurate with experience Strong experience across domains: EDR, SIEM, IAM/PAM, network endpoint security, posture management, SOAR Experience with modern SaaS/cloud environments Scripting/automation skills (e.g., Python preferred) Ability to collaborate cross-functionally and communicate security practices effectively Ownership mindset, strong judgment, and ability to thrive in a fast-paced startup What We Offer High-impact role in a fast-growing cybersecurity company Collaborative, mission-driven culture Opportunities for growth, research, and conference participation Competitive compensation, equity, and benefits Employee Benefits Our competitive benefits packages are designed to support our employees' well-being, both at work and at home. Our US based employees enjoy: Competitive compensation with equity and 401k Comprehensive healthcare with dental and vision coverage Flexible paid time off and paid holiday time off 12 weeks of new parent or family leave Personal and professional development resources For more details on our US benefits, or for information on our international benefits, please see here . Pay Transparancy Please note that the base pay range is a guideline and for candidates who receive an offer, the base pay will vary based on factors such as work location, as well as the knowledge, skills and experience of the candidate. In addition to a competitive base salary, this posi ... (truncated, view full listing at source)