Security Engineer, Enterprise Infrastructure Security, Level 5

Location: Los Angeles, Canada | Palo Alto, Canada | Seattle, India

Department: Engineering

Employment Type: Full time

About Snap Inc

Snap Inc is a technology company. We believe the camera presents the greatest opportunity to improve the way people live and communicate. Snap contributes to human progress by empowering people to express themselves, live in the moment, learn about the world, and have fun together.

About the Role

Snap Inc is a camera company that believes the camera presents the greatest opportunity to improve the way people live and communicate. We contribute to human progress by empowering people to express themselves, live in the moment, learn about the world, and have fun together through our core products: Snapchat, a visual messaging app reaching hundreds of millions daily; Lens Studio, an AR platform powering augmented reality across Snapchat and beyond; and Spectacles, our AR glasses. Our Engineering teams build fun, technically sophisticated products with privacy at the forefront, moving fast with precision in a creative culture that values innovation and diverse voices. Join our Enterprise Infrastructure Security (EIS) team as a Security Engineer, Level 5, to protect the infrastructure enabling our AR innovations and camera-first experiences. In this role, you'll design and operate security controls safeguarding corporate devices, applications, and infrastructure—from endpoints and BYOD to IoT devices powering lab environments for Spectacles and AR development. You'll architect device trust capabilities, secure SaaS apps like Google Workspace, and implement Zero Trust networking to ensure only healthy, trusted devices access sensitive data fueling Snapchat's real-time features. Partnering with IT, identity, and engineering teams, you'll enforce hardening standards across macOS, Windows, Linux, mobile, and cloud (AWS/GCP), while building vulnerability management platforms and automating workflows with Python or Go to reduce attack surfaces enterprise-wide. You'll conduct security reviews for emerging technologies like AI tools enhancing Lenses and AR features, providing guidance that balances risk reduction with business speed, upholding access controls for camera data privacy. Collaborate cross-functionally to secure on-premise datacenters, PoPs, and manufacturing for Spectacles, ensuring resilient defenses in our fast-paced environment. With deep expertise in endpoint security, networking protocols, and OS internals, you'll drive Snap's mission forward, protecting the creative tools that let Snapchatters share moments securely worldwide. We practice a 'default together' policy, expecting 4+ days/week in office to build culture faster.

What You'll Do

• Build and maintain execution control tooling such as endpoint agents, binary allowlisting, and related enforcement systems while driving resilient device posture through configuration standards, hardening, and continuous validation across endpoints, BYOD, browsers, IoT, lab, network, and IT systems
• Architect and deploy device trust capabilities by defining and enforcing policies that validate device posture, health, and identity, ensuring only trusted devices can access internal and SaaS applications
• Secure corporate and SaaS applications, including Google Workspace, by establishing baseline configurations, enforcing access governance, managing browser policies, and ensuring secure communication and data sharing across collaboration platforms
• Build and operate enterprise vulnerability and risk management platforms, establishing patching and configuration standards, managing exceptions, and reducing attack surface across operating environments
• Design and operate secure networking and Zero Trust access controls, ensuring that device trust, identity, and network segmentation principles are consistently enforced across corporate and SaaS environments
• Partner with IT and identity platform teams to define security requirements for IAM, IDP, and SSO integrations, ensuring strong authentication, least-privilege access, and alignment with Zero Trust principles across corporate and SaaS environments
• Implement and enforce secure network architectures and firewall policies to protect on-premise infrastructure, maintaining resilient security across datacenters, PoP sites, and manufacturing environments
• Conduct security reviews and partner with cross-functional teams to evaluate new and existing systems, including AI tools and AR features for Snapchat and Spectacles, providing actionable mitigation guidance that upholds access control boundaries, protects sensitive data, and enables the business to move securely
• Collaborate with engineering teams to secure camera technology and AR innovations, ensuring privacy and security in real-time visual messaging and Lens Studio platforms
• Drive security initiatives that support Snap's creative culture, enabling fast innovation while prioritizing privacy in every Snap

Minimum Qualifications

• Bachelor of Science in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
• 6+ years of experience in the field of corporate or enterprise security, or other similar security engineering role
• Proven experience designing, building, and maintaining corporate security controls, with depth in areas such as device posture management, endpoint agents/binary allowlisting, or SaaS application security
• Advanced knowledge of operating system internals and hardening across two or more of: macOS, Windows, Linux, mobile (iOS/Android), IoT, or cloud environments (AWS, GCP)
• Strong understanding of corporate networking concepts and protocols (e.g., VPNs, firewalls, DNS, TLS, identity-aware networking)
• Strong development or scripting skills (Python, Go, or equivalent) for building integrations, automating workflows, and scaling security platforms
• Experience conducting security design reviews and providing actionable mitigation guidance that balances business enablement with risk reduction

Preferred Qualifications

• Background evaluating and securely enabling emerging technologies, including AI tools and features, with a focus on upholding access control boundaries and data protection requirements
• Familiarity with securing lab, IoT, and ancillary systems, including applying hardening standards, monitoring, and access controls across heterogeneous environments
• Excellent verbal and written communication skills, with high attention to detail
• Work record of collaborating with internal and external stakeholders at all levels of a company

Knowledge, Skills & Abilities

• Device posture management
• Endpoint agents and binary allowlisting
• SaaS application security (e.g., Google Workspace)
• Operating system hardening (macOS, Windows, Linux, iOS/Android, IoT)
• Cloud environments (AWS, GCP)
• Corporate networking (VPNs, firewalls, DNS, TLS)
• Identity-aware networking
• Zero Trust architecture
• IAM, IDP, and SSO integrations
• Python or Go scripting for automation
• Vulnerability and risk management
• Security design reviews
• Cross-functional collaboration
• Actionable risk mitigation
• AI and emerging technology security
• Privacy-focused engineering
• Attention to detail
• Strong communication

Our Benefits

• Paid parental leave
• Comprehensive medical coverage
• Emotional and mental health support programs
• Compensation packages that let you share in Snap’s long-term success
• Equity in the form of RSUs
• Dynamic collaboration in a 'default together' office environment (4+ days per week)
• Opportunities to work on innovative camera technology and AR products reaching hundreds of millions of users
• Support for diverse backgrounds and inclusive culture

Compensation

$209,000-$313,000 annually

This position is eligible for equity in the form of RSUs.

"Default Together" Policy: At Snap Inc, we practice a "default together" approach and expect team members to work in an office 4+ days per week.

Snap is proud to be an equal opportunity employer.