Corporate Infrastructure Security Engineer

Remote, US

Segment logo
Apply now Apply later

Posted 1 month ago


Thousands of companies send their most sensitive data through Segment daily: personal data, user actions, and sensitive revenue metrics. Those companies have thousands (even millions) of customers each. Segment, as the platform that connects all customer data to insight, has to protect the sum of it all. That means keeping the data flowing through Segment safe and secure is our highest priority. With security concerns ever-evolving, it’s an incredibly significant and dynamic environment to work in.

As we add surface area to our product and infrastructure (to keep up with our rapid customer growth), this problem becomes more challenging. You’ll have to not only think about securing the individual pieces of the system, but also how to secure the overall system as it works in concert. We encounter new scale every single day, and with these new challenges comes opportunity for leadership.

Our customer data hub is helping companies achieve data nirvana, the blissful state you enter when all of your data is clean, complete, and accessible in your data warehouse and various analytics tools. Integrating with the Segment platform enables our customers and partners to access a new class of analytics models and marketing automation experiences. Though we have already thousands of companies being built on top of our analytics platform, we’ve only penetrated less than 1% of the market. We are building toward a world where all customer data is flowing through Segment.

However, because we are a customer-data hub, our corporate assets and offices are targets.  We need effective controls to prevent, detect and correct issues with our corporate infrastructure and manage our corporate assets. This is a top-tier business problem that you as a Corporate Infrastructure Security Engineer at Segment could dig into right away.



  • Help Segment take a BeyondCorp approach first to securing the enterprise network and its hosts, understanding that our growing population of global users is always traveling and using different networks
  • Design and implement corporate tooling to monitor the health of endpoints
  • Harden corporate network infrastructure including wireless, VPN, and endpoints
  • Assess corporate infrastructure security incidents and partner with SIRT for investigations
  • Partner with Corporate Infrastructure Security lead to create and implement a roadmap, which maps to our overall security roadmap: how we centrally manage and secure enterprise assets and infrastructure; how we monitor for and correct security issues; how we scale to manage a diverse set of employees at different offices worldwide; how we mature our corporate-security posture each year and keep up with our dynamic users
  • Roll out a modern set of protections for enterprise hosts and networks and create auditable processes to address risk
  • Support Security & IT compliance audits (ISO 27001, SOC 2 Type II)
  • Design and implement corporate IT and infrastructure security solutions
  • Be flexible and adjust your approach when your standard controls are causing pain for your users
  • Develop runbooks for solutions that are reliably executed by the team and you
  • Perform quarterly reviews of enterprise access and be ready to wow auditors with your control set and its effectiveness in interviews with them
  • Be a hands-on, technical researcher and contributor while your program is developing


  • You have 3+ years of experience in a DevOps, IT/Security, or SecEng role in a cutting-edge SaaS environment, including Linux users who still need your set of laptop security controls!
  • Proficiency across all OS: macOS, Windows, Linux, Android, iOS
  • BeyondCorp or ZeroTrust model experience
  • Solid development skills in a language such as Python, Golang, or Java 
  • Security Experience: Firewall/VPN, IDS, Email Security (DMARC), A/V, MDM, DLP, IAM
  • You are excited to work across the stack on a variety of different security challenges and initiatives
  • Authentication systems experience such as LDAP and SAML, and how to secure them
  • Bonus: You have a degree in Computer Science or related field; you have familiarity with AWS


Learn more about engineering at Segment by hearing from the engineers who work here, or attending an event.

Segment is an equal opportunity employer. We believe that everyone should receive equal consideration and treatment. Recruitment, hiring, placements, transfers, and promotions will happen based on qualifications for the positions being filled regardless of sex, gender identity, race, religious creed, color, national origin ancestry, age, physical disability, pregnancy, mental disability, or medical condition.

Job tags: AWS Golang Java LDAP Linux Python SAML Windows
Job region(s): North America Remote/Anywhere
Job stats:  1  0  0
  • Share this job via
  • or