Enterprise Security Engineer

Compa is a venture-backed AI startup revolutionizing the future of compensation. They are seeking an Enterprise Security Engineer to build and operate a security-first enterprise environment, focusing on identity, access, endpoints, and enterprise SaaS systems.

Responsibilities:

• Design, build, and operate Compa’s enterprise security systems, including identity, access control, endpoint management, and enterprise SaaS administration
• Own end-to-end identity and access workflows, including role-based access models, access packages, provisioning, deprovisioning, and ongoing access hygiene
• Support employees by ensuring reliable, secure access to the tools they need, resolving access and device issues with a strong bias toward durable, system-level fixes
• Implement security-first onboarding, offboarding, and access change processes that scale smoothly as the company grows
• Design and maintain integrations across enterprise security systems (identity, devices, SaaS, and supporting tooling) to ensure consistency, reliability, and scalability
• Automate wherever possible, reducing manual work and operational risk while improving reliability, auditability, and employee experience
• Operate and continuously improve endpoint and device management systems (for example: Jamf, Intune), balancing security requirements with usability
• Own the accuracy and consistency of enterprise security sources of truth, including users, devices, and applications
• Collaborate with the Security team on shared security operations responsibilities, helping improve detection, response, and investigation through better system design, signals, and operational readiness
• Continuously raise Compa’s defensive posture by evolving enterprise security controls such as just-in-time access, trusted devices, and zero trust, and by contributing to a strong internal security culture
• Support the security team with access reviews, audits, and investigations by providing high-quality system design, evidence, and operational context
• Maintain clear documentation, runbooks, and operational processes that enable resilience, self-service, and predictable failure modes
• Act as a force multiplier for the Security team by translating security intent into durable, well-designed enterprise systems that allow Compa to move fast, securely

Requirements:

• Demonstrated experience owning and operating enterprise systems such as identity providers, access management, endpoint management, or enterprise SaaS platforms
• Strong systems thinking: ability to reason about workflows, failure modes, scale, and operational risk
• Comfort designing access models and operational processes, not just executing tickets
• Ability to automate or significantly reduce manual operational work, and to improve systems over time
• Ability to support users effectively by diagnosing and resolving system issues with a bias toward durable fixes
• Clear written and verbal communication, especially around systems, trade-offs, and security implications
• Low ego, strong ownership mindset, and good judgment in ambiguous environments
• Gumption — experience working in high-growth or resource-constrained environments
• Experience operating identity and access management systems (for example: Microsoft Entra)
• Experience designing role-based access control, access reviews, and provisioning workflows
• Familiarity with compliance frameworks such as SOC 2 and supporting audits through system evidence
• Experience contributing to detection, response, or investigation through identity, device, or access signals
• Experience supporting organizations with high security and privacy expectations
• Interest in continuously improving defensive posture through controls such as just-in-time access, trusted devices, or identity-driven security
• Interest in growing into broader ownership over Enterprise Security or IT as the company scales