Senior Security Engineer - Corporate Security

Atlan is building the missing context layer for data and AI, helping enterprises close the AI value chasm. Today, 95% of AI pilots fail because AI systems don’t understand the context behind data: what it means, how it’s governed, and how it should be used.

Atlan connects to every part of the modern data and AI stack to unify this context into a single, shared layer that both humans and AI agents can rely on.

With Atlan, teams can discover, understand, and trust their data; build and collaborate on a shared body of knowledge; and activate that context across analytics, operations, and AI workflows.Trusted by global enterprises like Mastercard, Workday, General Motors, Unilever, Ralph Lauren, FOX, Nasdaq, and Medtronic, we’re backed by world-class investors including GIC, Insight Partners, Meritech, Peak XV, and Salesforce Ventures

We are looking for a Senior Security Engineer to own and drive Corporate Security at Atlan. This is a senior individual contributor role with high autonomy and high visibility. You will be the technical authority for everything that protects our people, endpoints, networks, SaaS ecosystem, and corporate data—the full surface area outside of production infrastructure.

The scope is broad and the team is lean. You need to have done this before: deployed and operated the core corporate security stack, made architectural calls on tooling, and built engineering-driven solutions over manual processes. We need someone who can hit the ground running and start delivering from week one, not someone who needs technical guidance on what EDR to pick or how to architect zero trust.

You will provide technical direction to the IT Operations team on security matters, partner closely with Infrastructure Security, Detection & Response, GRC, and Legal teams, and report into Security leadership. Because Atlan serves regulated enterprises, the security posture of our corporate environment directly impacts customer trust, compliance audits, and deal velocity.

• Corporate Security Architecture & Engineering

  • Design, build, and operate the security controls for Atlan’s corporate environment: macOS fleet, SaaS applications, corporate identities (Okta/Google Workspace), email, endpoints, and network edge

  • Evaluate, select, deploy, and operate the corporate security stack: EDR/XDR, MDM, ZTNA, CASB/SSPM, email security, DLP, browser security. You will own vendor selection, PoCs, deployment, tuning, and lifecycle management

  • Define and enforce security baselines, hardening standards, and configuration policies across all corporate platforms

  • Drive vulnerability management for corporate assets: patch orchestration, risk-based prioritization, exception tracking, and SLA enforcement

  • Build security automation and internal tooling. We expect you to use LLMs (Claude, custom agents) to accelerate security workflows

  • Lead security reviews of new SaaS adoptions, corporate infrastructure changes, and IT projects

  • Define what it means to operate safely in an environment where AI agents act autonomously across corporate systems

• Roadmap & Cross-Team Collaboration

  • Own the Corporate Security roadmap. Align investments to Atlan’s risk register, compliance calendar, and growth trajectory

  • Provide technical direction and security guidance to IT Operations on endpoint provisioning, network design, SaaS lifecycle management, and access controls

  • Partner with Detection & Response on telemetry coverage, detection engineering, and incident handling for corporate-sourced events

  • Collaborate with Infrastructure Security and AppSec teams to ensure security standards are consistent across corporate and production environments

  • Support compliance programs (ISO 27001, ISO 42001, SOC 2, HIPAA, GDPR) by ensuring corporate security controls satisfy audit evidence requirements

  • Communicate security posture, risks, and investment needs to Security leadership and cross-functional stakeholders clearly and persuasively

• 8+ years of hands-on Security Engineering experience in corporate/enterprise security (endpoint, network, SaaS, identity, or a combination)

• Have built or significantly matured a corporate security program before: selected the tooling, defined the architecture, shipped the controls. Not just operated what someone else built

• Strong engineer who still writes code regularly. You can prototype a tool, write a detection, build an integration, script an API, or debug a complex configuration issue

• Deep experience with macOS fleet security (this is our primary endpoint platform)

• Hands-on experience deploying and operating EDR/XDR, MDM, ZTNA/zero trust, and identity security solutions at scale

• Understand modern SaaS security challenges: shadow IT, OAuth token sprawl, data exfiltration paths, SaaS-to-SaaS integrations, and CASB/SSPM tooling

• Can work independently with high autonomy, manage ambiguity, and make sound risk-based prioritization decisions without waiting for direction

• Excellent communication skills: can translate complex security topics into clear recommendations for both engineering teams and business stakeholders

• Experience supporting ISO 27001, SOC 2, or equivalent compliance frameworks from the corporate security controls side

• Experience securing corporate environments at high-growth SaaS, AI, cloud, or developer-tools companies

• Advanced macOS security: system extensions, Endpoint Security framework, MDM profile engineering, Declarative Device Management

• Network security architecture for distributed/remote-first environments: SD-WAN, ZTNA, DNS security, network segmentation

• Browser security and isolation technologies (Island, Talon/Palo Alto, Chrome Enterprise)

• Proficiency in Python, Go, or similar languages for building security tooling and automation

• Experience leveraging LLMs/AI to augment security operations, build investigative tooling, or automate policy enforcement

• Familiarity with IaC (Terraform), CI/CD pipelines, and DevSecOps practices as they apply to corporate infrastructure

• Mobile security for iOS/Android in a BYOD environment

• Data Loss Prevention (DLP) program design and implementation across endpoints, email, SaaS, and cloud storage

• Exposure to ISO 42001 (AI Management Systems) controls

Joining Atlan means being part of a global movement to help data teams do their life’s best work. Here’s what you can expect: