Staff IT Security Engineer

• →Enterprise Security Operations: Manage and execute day-to-day enterprise security operations across corporate systems, including SaaS security posture, IdP, endpoint, vulnerability management, and access governance, leveraging AI-assisted tooling to accelerate triage, analysis, and documentation at scale.
• →Identity & Access Management: Execute complex Okta/IdP changes and maintain configurations for auth policies, adaptive MFA, SCIM provisioning, RBAC group management, and lifecycle automation. You will coordinate and execute access reviews across the enterprise to enforce least-privilege remediation, using AI tooling to summarize findings and draft stakeholder follow-ups.
• →AI Security & Governance: Be crucial in defining AI security by reviewing AI tool permissions, connector/integration configurations, and data-sharing settings. You will build and maintain AI-powered security automation—designing and operating agentic pipelines to automate repeatable security workflows (like app approval triage and access review summarization) and ensuring the security architecture of those pipelines is sound.
• →Detection & Response: Drive detection and response efforts by authoring CrowdStrike IOAs/IOCs, writing SIEM queries, and tuning alerts to reduce noise without losing coverage. You will handle incident triage, scoping, and containment, and produce post-mortem documentation in partnership with a senior engineer.
• →Risk & Compliance: Conduct vendor and SaaS tool security reviews (intake, risk evaluation, remediation tracking, and sign-off coordination). Produce security metrics and reporting for operational tracking and CISO/exec audiences.

What You'll Need

• →Experience: 5–8+ years in enterprise/corporate security with hands-on depth in at least two of the following areas: identity (Okta), endpoint (CrowdStrike/Kandji), SaaS security, or detection engineering.
• →Autonomy & Ownership: You are a self-starter and self-managing, capable of working problems independently from initial triage through remediation; you execute independently within defined program direction.
• →Technical Skills: Ability to regularly write code or scripts (Python, Bash, or similar) to automate reviews, build detections, or debug configuration issues without looping in engineering.
• →AI Curiosity: A genuine curiosity about AI security is essential, and you are already thinking about risks from LLMs, agents, and AI-native tooling.
• →Communication: Excellent communication skills are paramount for coordinating cross-functional partners (Legal/Privacy, Engineering, IT) and presenting clear, tactical, and operational decisions to both technical teams and executive audiences.

Nice-to-Haves

• →Experience with DLP, SaaS security reviews, or third-party vendor risk processes.
• →Familiarity with AI tool governance: acceptable use, tool inventories, and data classification in AI contexts.
• →CrowdStrike detection engineering experience (custom IOAs, Falcon LogScale).
• →Familiarity with zero-trust architecture patterns, ZTNA, or CASB/SSPM tooling.
• →Python or scripting depth beyond basic automation.
• →Prior experience at a high-growth tech company with a small security team and large scope.

At Amplitude, our values guide how we show up for one another and for our customers:

• Humility: We operate from a place of empathy and openness, seeking to understand many points of view.
• Ownership: We take the initiative to solve problems that drive our shared company success.
• Growth Mindset: We’re tenacious in the face of challenges and seek feedback in order to grow ourselves and others.
• Customer Centricity: We put the customer at the center of everything we do and are deeply committed to their success.