Security Engineer, Enterprise Infrastructure Security, Level 5

Snap Inc is a technology company. We believe the camera presents the greatest opportunity to improve the way people live and communicate. Snap contributes to human progress by empowering people to express themselves live in the moment learn about the world and have fun together. The Companys three core products are Snapchat a visual messaging app that enhances your relationships with friends family and the world; Lens Studio an augmented reality platform that powers AR across Snapchat and other services; and its AR glasses Spectacles.

Snap Engineering teams build fun and technically sophisticated products that reach hundreds of millions of Snapchatters around the world every day. Were deeply committed to the well-being of everyone in our global community which is why our values are at the root of everything we do. We move fast with precision and always execute with privacy at the forefront.

Were looking for a Security Engineer to join our Enterprise Infrastructure Security (EIS) team!

What youll do:

• You will help design and operate the security controls that protect our corporate devices applications and infrastructure. Our teams scope is broad. Were looking for someone with deep expertise in a few areas and the curiosity to learn and collaborate across the rest:

  • Build and maintain execution control tooling such as endpoint agents binary allowlisting and related enforcement systems while driving resilient device posture through configuration standards hardening and continuous validation across endpoints BYOD browsers IoT lab network and IT systems

  • Architect and deploy device trust capabilities by defining and enforcing policies that validate device posture health and identity ensuring only trusted devices can access internal and SaaS applications

  • Secure corporate and SaaS applications including Google Workspace by establishing baseline configurations enforcing access governance managing browser policies and ensuring secure communication and data sharing across collaboration platforms

  • Build and operate enterprise vulnerability and risk management platforms establishing patching and configuration standards managing exceptions and reducing attack surface across operating environments

  • Design and operate secure networking and Zero Trust access controls ensuring that device trust identity and network segmentation principles are consistently enforced across corporate and SaaS environments

  • Partner with IT and identity platform teams to define security requirements for IAM IDP and SSO integrations ensuring strong authentication least-privilege access and alignment with Zero Trust principles across corporate and SaaS environments

  • Implement and enforce secure network architectures and firewall policies to protect on-premise infrastructure maintaining resilient security across datacenters PoP sites and manufacturing environments

• Conduct security reviews and partner with cross-functional teams to evaluate new and existing systems including AI tools and features providing actionable mitigation guidance that upholds access control boundaries protects sensitive data and enables the business to move securely while also managing exception handling and formal risk acceptance processes

Knowledge Skills & Abilities:

• Proven experience designing building and maintaining corporate security controls with depth in areas such as device posture management endpoint agents/binary allowlisting or SaaS application security

• Advanced knowledge of operating system internals and hardening with competency across two or more of the following: macOS Windows Linux mobile (iOS/Android) IoT or cloud environments (AWS GCP)

• Strong understanding of corporate networking concepts and protocols (e.g. VPNs firewalls DNS TLS identity-aware networking) and their role in enforcing device and application security

• Experience conducting security design reviews and providing actionable mitigation guidance that balances business enablement with risk reduction

• Strong development or scripting skills (Python Go or equivalent) for building integrations automating workflows and scaling security platforms

Minimum Qualifications:

• Bachelor of Science in Computer Science Engineering Information Systems or equivalent years of experience in a related technical field

• 6 years of experience in the field of corporate or enterprise security or other similar security engineering role

Preferred Qualifications:

• Background evaluating and securely enabling emerging technologies including AI tools and features with a focus on upholding access control boundaries and data protection requirements

• Familiarity with securing lab IoT and ancillary systems including applying hardening standards monitoring and access controls across heterogeneous environments

• Excellent verbal and written communication skills with high attention to detail

• Work record of collaborating with internal and external stakeholders at all levels of a company

If you have a disability or special need that requires accommodation please dont be shy and provide us some information.

Default Together Policy at Snap: At Snap Inc. we believe that being together in person helps us build our culture faster reinforce our values and serve our community customers and partners better through dynamic collaboration. To reflect this we practice a default together approach and expect our team members to work in an office 4 days per week.

At Snap we believe that having a team of diverse backgrounds and voices working together will enable us to create innovative products that improve the way people live and communicate. Snap is proud to be an equal opportunity employer and committed to providing employment opportunities regardless of race religious creed color national origin ancestry physical disability mental disability medical condition genetic information marital status sex gender gender identity gender expression pregnancy childbirth and breastfeeding age sexual orientation military or veteran status or any other protected classification in accordance with applicable federal state and local laws. EOE including disability/vets.

We are an Equal Opportunity Employer and will consider qualified applicants with criminal histories in a manner consistent with applicable law (by example the requirements of the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring where applicable).

Our Benefits: Snap Inc. is its own community so weve got your back! We do our best to make sure you and your loved ones have everything you need to be happy and healthy on your own terms. Our benefits are built around your needs and include paid parental leave comprehensive medical coverage emotional and mental health support programs and compensation packages that let you share in Snaps long-term success!

Compensation

In the United States work locations are assigned a pay zone which determines the salary range for the position. The successful candidates starting pay will be determined based on job-related skills experience qualifications work location and market conditions. The starting pay may be negotiable within the salary range for the position. These pay zones may be modified in the future.

Zone A (CA WA NYC):

Zone B:

Zone C:

This position is eligible for equity in the form of RSUs.