Security Engineer, Enterprise Infrastructure, Level 3

Snap Inc is a technology company. We believe the camera presents the greatest opportunity to improve the way people live and communicate. Snap contributes to human progress by empowering people to express themselves, live in the moment, learn about the world, and have fun together. The Company’s three core products are Snapchat, a visual messaging app that enhances your relationships with friends, family, and the world;
Lens Studio, an augmented reality platform that powers AR across Snapchat and other services; and its AR glasses, Spectacles.

Snap Security teams protect the trust and safety of our global community by securing the systems and data that power Snapchat. We safeguard hundreds of millions of Snap chatters every day, ensuring that every product and service is built on a foundation of security and resilience. Our values guide everything we do - from how we anticipate and mitigate threats to how we collaborate across Snap.

We move fast, with precision, and always execute with privacy at the forefront.

We’re looking for a Security Engineer to join our Enterprise Infrastructure Security (EIS) team!

You will help design and operate the security controls that protect our corporate devices, applications, and infrastructure. Our team’s scope is broad. We’re looking for someone with expertise in a few areas and the curiosity to learn and collaborate across the rest:

Architect and deploy device trust capabilities by defining and enforcing policies that validate device posture, health, and identity, ensuring only trusted devices can access internal and SaaS applications

Build and operate enterprise vulnerability and risk management platforms, establishing patching and configuration standards, managing exceptions, and reducing attack surface across operating environments

Design and operate secure networking and Zero Trust access controls, ensuring that device trust, identity, and network segmentation principles are consistently enforced across corporate and SaaS environments

Partner with IT and identity platform teams to define security requirements for IAM, IDP, and SSO integrations, ensuring strong authentication, least-privilege access, and alignment with Zero Trust principles across corporate and SaaS environments

Implement and enforce secure network architectures and firewall policies to protect on-premise infrastructure, maintaining resilient security across datacenters, PoP sites, and manufacturing environments

Conduct security reviews and partner with cross-functional teams to evaluate new and existing systems, including AI tools and features, providing actionable mitigation guidance that upholds access control boundaries, protects sensitive data, and enables the business to move securely, while also managing exception handling and formal risk acceptance processes

Experience designing, building, and maintaining corporate security controls, with depth in areas such as device posture management, endpoint agents/binary allow listing, or SaaS application security

Knowledge of operating system internals and hardening, with competency across two or more of the following: macOS, Windows, Linux, mobile (iOS/Android), IoT, or cloud environments (AWS, GCP)

Understanding of corporate networking concepts and protocols (e.g., VPNs, firewalls, DNS, TLS, identity-aware networking) and their role in enforcing device and application security

Experience conducting security design reviews and providing actionable mitigation guidance that balances business enablement with risk reduction

Strong development or scripting skills (Python, Go, or equivalent) for building integrations, automating workflows, and scaling security platforms

Bachelor of Science in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field

1+ years of experience in the field of corporate or enterprise security, or other similar security engineering role

Background evaluating and securely enabling emerging technologies, including AI tools and…