Security Engineer, Enterprise Infrastructure Security, Level 5

Security Engineer

Snap Inc is a technology company. We believe the camera presents the greatest opportunity to improve the way people live and communicate. Snap contributes to human progress by empowering people to express themselves, live in the moment, learn about the world, and have fun together. The Company's three core products are Snapchat, a visual messaging app that enhances your relationships with friends, family, and the world; Lens Studio, an augmented reality platform that powers AR across Snapchat and other services; and its AR glasses, Spectacles.

We're looking for a Security Engineer to join our Enterprise Infrastructure Security (EIS) team!

What you'll do:

1. You will help design and operate the security controls that protect our corporate devices, applications, and infrastructure. Our team's scope is broad. We're looking for someone with deep expertise in a few areas and the curiosity to learn and collaborate across the rest:
   • Build and maintain execution control tooling such as endpoint agents, binary allowlisting, and related enforcement systems while driving resilient device posture through configuration standards, hardening, and continuous validation across endpoints, BYOD, browsers, IoT, lab, network, and IT systems
   • Architect and deploy device trust capabilities by defining and enforcing policies that validate device posture, health, and identity, ensuring only trusted devices can access internal and SaaS applications
   • Secure corporate and SaaS applications, including Google Workspace, by establishing baseline configurations, enforcing access governance, managing browser policies, and ensuring secure communication and data sharing across collaboration platforms
   • Build and operate enterprise vulnerability and risk management platforms, establishing patching and configuration standards, managing exceptions, and reducing attack surface across operating environments
   • Design and operate secure networking and Zero Trust access controls, ensuring that device trust, identity, and network segmentation principles are consistently enforced across corporate and SaaS environments
   • Partner with IT and identity platform teams to define security requirements for IAM, IDP, and SSO integrations, ensuring strong authentication, least-privilege access, and alignment with Zero Trust principles across corporate and SaaS environments
   • Implement and enforce secure network architectures and firewall policies to protect on-premise infrastructure, maintaining resilient security across datacenters, PoP sites, and manufacturing environments
2. Conduct security reviews and partner with cross-functional teams to evaluate new and existing systems, including AI tools and features, providing actionable mitigation guidance that upholds access control boundaries, protects sensitive data, and enables the business to move securely, while also managing exception handling and formal risk acceptance processes

Knowledge, Skills & Abilities:

• Proven experience designing, building, and maintaining corporate security controls, with depth in areas such as device posture management, endpoint agents/binary allowlisting, or SaaS application security
• Advanced knowledge of operating system internals and hardening, with competency across two or more of the following: macOS, Windows, Linux, mobile (iOS/Android), IoT, or cloud environments (AWS, GCP)
• Strong understanding of corporate networking concepts and protocols (e.g., VPNs, firewalls, DNS, TLS, identity-aware networking) and their role in enforcing device and application security
• Experience conducting security design reviews and providing actionable mitigation guidance that balances business enablement with risk reduction
• Strong development or scripting skills (Python, Go, or equivalent) for building integrations, automating workflows, and scaling security platforms

Minimum Qualifications:

• Bachelor of Science in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
• 6+ years of experience in the field of corporate or enterprise security, or other similar security engineering role

Preferred Qualifications:

• Background evaluating and securely enabling emerging technologies, including AI tools and features, with a focus on upholding access control boundaries and data protection requirements
• Familiarity with securing lab, IoT, and ancillary systems, including applying hardening standards, monitoring, and access controls across heterogeneous environments
• Excellent verbal and written communication skills, with high attention to detail
• Work record of collaborating with internal and external stakeholders at all levels of a company

If you have a disability or special need that requires accommodation, please don't be shy and provide us some information.

Default Together Policy at Snap: At Snap Inc. we believe that being together in person helps us build our culture faster, reinforce our values, and serve our community, customers and partners better through dynamic collaboration. To reflect this, we practice a "default together" approach and expect our team members to work in an office 4+ days per week.

At Snap, we believe that having a team of diverse backgrounds and voices working together will enable us to create innovative products that improve the way people live and communicate. Snap is proud to be an equal opportunity employer, and committed to providing employment opportunities regardless of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex, gender, gender identity, gender expression, pregnancy, childbirth and breastfeeding, age, sexual orientation, military or veteran status, or any other protected classification, in accordance with applicable federal, state, and local laws. EOE, including disability/vets.

We are an Equal Opportunity Employer and will consider qualified applicants with criminal histories in a manner consistent with applicable law (by example, the requirements of the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, where applicable).

Our Benefits: Snap Inc. is its own community, so we've got your back! We do our best to make sure you and your loved ones have everything you need to be happy and healthy, on your own terms. Our benefits are built around your needs and include paid parental leave, comprehensive medical coverage, emotional and mental health support programs, and compensation packages that let you share in Snap's long-term success!

Compensation: In the United States, work locations are assigned a pay zone which determines the salary range for the position. The successful candidate's starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. The starting pay may be negotiable within the salary range for the position. These pay zones may be modified in the future.

Zone A (CA, WA, NYC): The base salary range for this position is $209,000-$313,000 annually.

Zone B: The base salary range for this position is $199,000-$297,000 annually.

Zone C: The base salary range for this position is $178,000-$266,000 annually.

This position is eligible for equity in the form of RSUs.