Lead Security Engineer, Enterprise Security
$175,200–$262,800 year
On-site · Boston, Massachusetts, United States
Job Summary
Lead security engineer on the Enterprise Security team responsible for securing Klaviyo’s corporate systems and platforms across SaaS apps, IAM, endpoints, Zero Trust architecture, and perimeter security. Deliver cross-functional projects end-to-end, establish design patterns and standards, mentor engineers, and drive an AI-first security approach across design, prototyping, and deployment. Partner with Engineering, IT, and security teams to mature programs, expand IAM/JITA, privilege management, SSO/SCIM integrations, mature Cloud/endpoint security, and Cloudflare WAF/policy controls, while contributing to security architecture and lifecycle of critical applications.
Required Qualifications
- 7+ years of experience in security or infrastructure engineering roles with ownership of enterprise security domains (SaaS security, IAM, Zero Trust, endpoint security, cloud-delivered security services)
- Hands-on by default: policy-as-code, architecture review, production issue debugging
- Proficiency with Terraform for infrastructure-as-code
- Experience operating in AWS environments with cloud security services, IAM policies, and secure architecture patterns
- Experience with enterprise IdP solutions such as Okta, AWS Cognito
- Experience with enterprise security tooling such as Cloudflare (WAF, gateway), Wiz (CNAPP/cloud security), and CrowdStrike (EDR/endpoint)
- Knowledgeable in secrets management, JITA, modern identity patterns (SSO, SCIM, privileged access workflows including SAML 2.0, SCIM, OAuth and OIDC)
- Mentoring engineers and influencing technical standards
- Nice to have: GCP or Azure, Spacelift for IaC, AI agent development, securing AI coding platforms
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.