Corporate Security Systems Engineer

Onebrief is collaboration and AI-powered workflow software designed specifically for military staffs. By transforming this work, Onebrief makes the staff as a whole superhuman - meaning faster, smarter, and more efficient.

We take ownership, seek excellence, and play to win with the seriousness and camaraderie of an Olympic team. Onebrief operates as an all-remote company, though many of our employees work alongside our customers at military commands around the world.

Founded in 2019 by a group of experienced planners, today, Onebrief’s team spans veterans from all forces and global organizations, and technologists from leading-edge software companies. We’ve raised $320m+ from top-tier investors, including Battery Ventures, General Catalyst, Sapphire Ventures, Insight Partners, and Human Capital, and today, Onebrief is valued at $2.15B. With this continued growth, Onebrief is able to make an impact where it matters most.

You're a detail-oriented security engineer who understands that strong security comes from disciplined configuration management and consistent enforcement. You're comfortable deploying and managing enterprise security tools, and you know how to translate regulatory requirements into practical technical controls.

You think in terms of baselines and drift. You understand that endpoint hardening, SaaS configuration security, identity controls, browser management, MDM, and Zero Trust are interconnected components of enterprise defense. You're structured in your documentation, disciplined in change management, and motivated by reducing systemic risk through automation.

You work well across teams—partnering with IT, Security Operations, GRC, and application owners to ensure systems are deployed securely and remain compliant over time.

• Implement and maintain enterprise security tooling and approved configuration baselines across endpoints, browsers, SaaS platforms, and identity systems, aligned with CMMC 2.0, NIST 800-53, and internal standards.

• Partner with Corporate Security Engineering leadership and Vulnerability Management to ensure configuration controls and remediation efforts are aligned, measurable, and enforceable.

• Continuously improve security configurations by reducing drift, expanding automation, and strengthening documentation and evidence collection to support audit readiness.

• Collaborate with Corporate IT, Security Operations, and application owners to securely deploy systems and SaaS platforms, providing guidance during rollouts and participating in security reviews.

• Maintain structured processes for baseline updates, configuration reviews, drift detection, and control validation, ensuring changes are documented, approved, and traceable to compliance requirements.

• Implement and enforce technical controls that protect the confidentiality, integrity, and availability of corporate systems while meeting regulatory and privacy commitments.

• Ensure configuration data, drift findings, and remediation evidence are accurate, access-controlled, and retained in accordance with policy.

• Support compliance assessments by providing defensible artifacts and escalate identified control gaps or systemic risks to Security Engineering leadership.

• 4–8+ years of experience in security engineering, systems engineering, or enterprise IT security

• Hands-on experience with enterprise security tooling (e.g., Zscaler, MDM platforms, browser enterprise management, EDR, SIEM)

• Experience implementing and maintaining configuration baselines aligned to NIST 800-53, CMMC 2.0, DISA STIGs, or similar frameworks

• Familiarity with SaaS security configuration and identity/access management controls

• Experience with raw API-based integrations and no-code automation platforms (Tines, Okta Workflows)

• Demonstrated experience automating configuration enforcement and reducing manual security tasks

• Strong understanding of change management and documentation practices

• Ability to translate compliance requirements into technical control implementations

• Strong communication skills and ability to work across technical and non-technical teams

• Bonus: Experience in regulated or DoD-adjacent environments

Notice to Third Party Recruitment Agencies
Please note that Onebrief does not accept unsolicited resumes from recruiters or employment agencies. In the absence of an executed Recruitment Services Agreement, there will be no obligation to any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without an agreement Onebrief explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resumes, including those submitted to hiring managers, shall be deemed the property of Onebrief.