Corporate Security Engineer, Lead at Sierra

ABOUT US - At Sierra, we’re creating a platform to help businesses build better, more human customer experiences with AI. We are primarily an in-person company based in San Francisco, with growing offices in Atlanta, New York, London, Paris, Madrid, Munich, Singapore, Japan, and Sydney. - We are guided by a set of values that are at the core of our actions and define our culture: Trust, Customer Obsession, Craftsmanship, Intensity, and Family. These values are the foundation of our work, and we are committed to upholding them in everything we do. - Our co-founders are Bret Taylor [Upgrade to PRO to see link] and Clay Bavor [Upgrade to PRO to see link] Bret currently serves as Board Chair of OpenAI. Previously, he was co-CEO of Salesforce (which had acquired the company he founded, Quip) and CTO of Facebook. Bret was also one of Google's earliest product managers and co-creator of Google Maps. Before founding Sierra, Clay spent 18 years at Google, where he most recently led Google Labs. Earlier, he started and led Google’s AR/VR effort, Project Starline, and Google Lens. Before that, Clay led the product and design teams for Google Workspace.  WHAT YOU’LL DO - As the founding Corporate Security Engineer, Lead at Sierra, you will define and build our Corporate Security capability within IT — establishing the operating model, executing the initial roadmap, and shaping the function as it grows over time. - Own the centralized risk register and drive remediation across SaaS applications, integrations, endpoints, identity, and access paths. - Secure our SaaS and integration landscape by auditing and governing OAuth applications, Slack integrations, and third-party connections, and by establishing authorization controls and ongoing review processes. - Design and implement enforcement systems — automation and integrations that continuously enforce controls, detect and revoke unauthorized access, govern OAuth scopes, and monitor integration activity. - Improve endpoint and user-level visibility, working with existing endpoint management tooling to manage risk from user-installed applications and browser extensions. - Sequence a broader security roadmap across adjacent domains (DLP, IAM, Zero Trust, vendor security, detection and response, and more), and shape how the team grows over time. WHAT YOU’LL BRING - Significant experience in corporate security, IT security, or security engineering, with a track record of building programs or capabilities rather than operating within established ones. - Strong technical depth across several of the following: identity and access management, SaaS security, endpoint management, DLP, network security, detection and response. - Demonstrated ability to build tooling and automation that enforce controls, not just define them. You've written code, built integrations, or implemented systems that actively reduce risk in a production environment. - Experience working within or closely alongside IT organizations. You understand the operational realities of IT — device management, support workflows, tooling constraints — and can build security practices that work with these realities rather than against them. - The ability to define and communicate risk clearly to both technical and non-technical stakeholders, and comfort making sequencing decisions with imperfect information. - A bias toward pragmatic, enforceable controls over theoretical frameworks. EVEN BETTER… - Experience with macOS-heavy environments managed through Jamf Pro or Fleet. - Familiarity with OAuth governance, Slack integration management, or SaaS security posture management (SSPM) tooling. - Experience building toward Zero Trust architecture or implementing DLP at a growth-stage company. OUR VALUES - Trust: We build trust with our customers with our accountability, empathy, quality, and responsiveness. We build trust in AI by making it more accessible, safe, and useful. We build trust with each other by showing up for each other professionally and personally, creating an environment that enables all of us to do our best work. - Customer Obsession: We deeply understand our customers’ business goals and relentlessly focus on driving outcomes, not just technical milestones. Everyone at the company knows and spends time with our customers. When our customer is having an issue, we drop everything and fix it. - Craftsmanship: We get the details right, from the words on the page to the system architecture. We have good taste. When we notice something isn’t right, we take the time to fix it. We are proud of the products we produce. We continuously self-reflect to continuously self-improve. - Intensity: We know we don’t have the luxury of patience. We play to win. We care about our product being the best, and when it isn’t, we fix it. When we fail, we talk about it openly and without blame so we succeed the next time. - Family: We know that balance and intensity are compatible, and we model it in our actions and processes. We are the best technology company for parents. We support and respect each other and celebrate each other’s personal and professional achievements. WHAT WE OFFER We want our benefits to reflect our values and offer the following to full-time employees: - Flexible (unlimited) paid time off - Medical, dental, and vision benefits for you and your family - Life insurance and disability benefits - Retirement plan dependent on country of employment - Parental leave - Fertility and family building benefits through Carrot - Lunch, as well as delicious snacks and coffee to keep you energized  - Discretionary benefit stipend giving people the ability to spend where it matters most - Free alphorn lessons These benefits are further detailed in Sierra's policies, may vary by region, and are subject to change at any time, consistent with the terms of any applicable compensation or benefits plans. Eligible full-time employees can participate in Sierra's equity plans subject to the terms of the applicable plans and policies. BE YOU, WITH US We're working to bring the transformative power of AI to every organization in the world. To do so, it is important to us that the diversity of our employees represents the diversity of our customers. We believe that our work and culture are better when we encourage, support, and respect different skills and experiences represented within our team. We encourage you to apply even if your experience doesn't precisely match the job description. We strive to evaluate all applicants consistently without regard to race, color, religion, gender, national origin, age, disability, veteran status, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.