At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit careers.klaviyo.com to see how we empower creators to own their own destiny.
Klaviyo is seeking a Senior Corporate Security Engineer to join the Security Development Operations (SDO) team. The Corporate Security Engineer will play a critical role in protecting Klaviyo by monitoring, configuring, and making available to the company corporate supplied security products such as WAF tooling, CNAPP, EDR, cloud Integrations, network configurations and tooling. This role involves developing, implementing, and maintaining security systems and practices that ensure the safety of our digital assets. The ideal candidate will have a strong background in security engineering, with experience managing commercial security products, configuration of cloud environments including Azure and AWS, and collaborating across various teams to enhance our security posture.
How you will make a difference:
- Develop systems and tools to enhance the security properties of corporate infrastructure, including Identity and Access Management, Endpoint Security, Data Loss Prevention, and Zero Trust architecture.
- Collaborate with various teams to implement security strategies and policies for in-house and SaaS security applications.
- Conduct security reviews and provide architectural guidance for infrastructure systems, account lifecycle, and automation.
- Execute and improve security consulting processes through runbooks and automation.
- Perform risk assessments and threat modeling to identify and mitigate potential security risks.
- Build and maintain security controls across various domains, including EDR, email security, ransomware resilience, and more.
- Develop and maintain security automation tools to enhance corporate infrastructure security.
- Drive remediation of security vulnerabilities identified through assessments.
- Stay current with emerging security threats and industry trends to continuously improve security measures.
Technologies we use (not exhaustive):
- Python, Django, React, RabbitMQ, Celery, MySQL, Redis, Memcached
- AWS, GCP, Azure, Windows 365, Terraform, BuildKite
- Splunk, Snowflake, Lacework, Okta, Jamf, Meraki, Wiz, Crowdstrike
We’d love to hear from you if you have:
- 4+ years of experience as a Corporate Security Engineer or in a related role
- Proven impact in multiple Corpsec domains: BeyondCorp, Corporate Identity, Endpoint Security, Data Loss Prevention, Device Trust, SaaS Security, Zero Trust.
- Strong software engineering skills in Python, Golang, or Java.
- Proficiency in threat modeling and implementing preventative and detective controls.
- Advanced knowledge of operating system internals (macOS, Windows, Linux)
- Experience with cloud security and infrastructure hardening.
- Experience with infrastructure-as-code tools such as Terraform
- Automation-first approach for all work performed
- Practical experience with large-scale identity management infrastructure and BeyondCorp/Zero Trust architectures.
- Excellent problem-solving skills and ability to work independently.
- Strong communication skills to explain complex security issues in understandable terms.
The pay range for this role is listed below. Sales roles are also eligible for variable compensation and hourly non-exempt roles are eligible for overtime in accordance with applicable law. This role is eligible for benefits, including: medical, dental and vision coverage, health savings accounts, flexible spending accounts, 401(k), flexible paid time off and company-paid holidays and a culture of learning that includes a learning allowance and access to a professional coaching service for all employees.
Get to Know Klaviyo
We’re Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we’re developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators—ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you’re ready to do the best work of your career, where you’ll be welcomed as your whole self from day one and supported with generous benefits, we hope you’ll join us.
Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law.
IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls.
You can find our Job Applicant Privacy Notice here.