ForgeApply · Job listing
Security Engineer, Enterprise
Persona
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
About Persona
Persona https://withpersona.com/ is the configurable identity platform built for businesses in a digital-first world. Verifying individuals and organizations is harder — but more important — than ever, with AI enabling fraudsters to launch sophisticated accounts at scale and regulations evolving rapidly.
We’ve built Persona to support practically every use case and industry — that’s why we’re able to serve a wide range of leading companies. For example, Reddit relies on Persona for age assurance and verification to comply with online safety regulations, protecting younger users while maintaining a seamless experience. Meanwhile, OpenAI relies on Persona to keep bad actors out, protecting one of the world’s most powerful AI platforms from large-scale abuse in a time when AI is reshaping the way we work and live.
We’re growing rapidly and looking for exceptional people to join us!
ABOUT THE ROLE
Persona builds identity verification infrastructure where security isn't a layer we add later, it's core to everything we ship. When security fails at most companies, systems go down. At an identity verification company, real people's identities are compromised.
This is an enterprise security role embedded in a generalist security team. You'll work alongside experienced security engineers to defend Persona's people, devices, and systems against evolving threats - and build the tooling and automation that lets us do it at scale.
WHAT YOU’LL WORK ON
- Develop, tune, and operate endpoint detection and response (EDR) rules and tooling across our macOS environment
- Partner with TechOps to implement security best practices across SaaS and endpoint environments, including 2FA enforcement, automated device encryption, and DLP. You will develop and deploy these controls - not ask other teams to do so for you
- Build tools and automation to scale security controls and monitoring without scaling headcount
- Harden corporate infrastructure and SaaS applications against attack
- Translate endpoint and SaaS telemetry into actionable mitigations and control recommendations
- Build and operate insider threat detection and response programs
MUST-HAVES
- 3+ years of experience in IT security, corporate/enterprise security, or a related technical role. We'll flex on years of experience and specific tool background for candidates who demonstrate strong fundamentals, high aptitude, and a track record of figuring things out fast
- Hands-on experience with macOS endpoints, MDM platforms, and EDR tooling
- Experience with endpoint hardening. You’ve hardened endpoints, not written requirements asking someone else to do it
- Experience with DLP concepts and insider threat scenarios
- Experience with email security fundamentals and social engineering defense
- Ability to write scripts and automate workflows in Python, Ruby, Bash, or similar; comfortable with SQL
- Communicates clearly about security topics with non-technical stakeholders
- Experience in a high-growth startup or other fast-moving, resource-constrained environment
NICE TO HAVE
- Familiarity with identity and access management tooling (Okta, SCIM provisioning, SSO)
- Experience with Zero Trust or network access tools (Twingate, Cloudflare Access, or similar)
- Exposure to SIEM platforms, log aggregation, or detection engineering
- Familiarity with SaaS security posture management (SSPM) or CASB concepts
- You've worked somewhere where PII or sensitive data was the core product
THE TEAM
Small and senior by design. High ownership from day one — this isn't a team where your work disappears into a large org.
Based in SF. Relocation assistance available. Our in-office days are Tuesday - Thursday, with the option to work from home on Monday and Friday.
Benefits and Perks
For full-time US-based employees (excluding internship and contractor opportunities), Persona offers a wide range of benefits, including medical, dental, and vision, 3% 401(k) contribution, unlimited PTO, quarterly mental health days, family planning benefits, professional development stipend, wellness benefits, among others.
For full-time UK employees, Persona offers a wide range of benefits, including private medical insurance, dental insurance, a 6% employer pension contribution, unlimited PTO, a monthly wellness stipend, professional development stipend, co-working stipend, and more.
As part of our interview process, all candidates will be asked to verify their identity with Persona. This step is used solely to confirm that candidates are who they say they are, and will have no impact on hiring decisions.
Salary insight
The midpoint of this range ($175k) is about 14% below the median disclosed salary for San Francisco roles listed on ForgeApply ($203k across 6,260 jobs).
See full Security Engineer salary data for San Francisco →
Based on live postings with disclosed pay on ForgeApply; refreshed daily. Not an estimate of this employer's offer.
Ready to apply to Persona?
Apply in about a minuteSimilar jobs
- Security Engineer — Rain · New York, NY
- Security Engineer — Moment · New York, NY
- Security Engineer — Lambda · San Francisco Office (Fremont St)
- Security Engineer — Coinflow · Chicago
- Security Engineer — Artemis · New York City
- Security Engineer — Outmarket · Remote
- Security Engineer — Fireworksai · San Mateo, CA
- Security Engineer — Fanduel · New York City
More like this: Security & Cybersecurity Jobs · Security & Cybersecurity Jobs in San Francisco · More jobs at Persona · Browse all jobs