Staff Corporate Security Engineer
2mo ago
USALeadsecurity architecturerisk managementthreat modelingsecurity policiesincident response
Design and architect corporate security posture for an AI infrastructure company.
Nice to have
- Experience implementing CASB platforms and enterprise DLP solutions at scale
- Familiarity with Model Context Protocol (MCP) or similar AI orchestration frameworks
- Experience building “Secure by Default” environments in high-growth organizations
- Background in cloud-native or AI infrastructure environment.
Conditions
- Competitive compensation and equity packages
- Restricted Stock Units
- Paid time off, paid holidays & leave of absence programs
- Comprehensive health, dental & vision insurance
- Employer contributions to HSA account
- Paid parental leave
- Paid life insurance, short-term and long-term disability
- Professional development & tuition reimbursement
- Mental health & wellness support
- Commuter benefits (parking & transit)
- Cell phone stipend
- 401(k) Retirement plan with company match up to 4% of salary
- Volunteer time off
- Global travel insurance & emergency assistance
- Daily meals allowance
- Additional perks & programs specific to location
- Compensation will be paid in the range of up to $210,000 - $255,000 + Bonus. Restricted Stock Units are included in all offers. Compensation to be determined by the applicants knowledge, education, and abilities, as well as internal equity and alignment with market data.
- Crusoe is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, disability, genetic information, pregnancy, citizenship, marital status, sex/gender, sexual preference/ orientation, gender identity, age, veteran status, national origin, or any other status protected by law or regulation.
Other
- Crusoe is on a mission to accelerate the abundance of energy and intelligence . As the only vertically integrated AI infrastructure company built from the ground up, we own and operate each layer of the stack — from electrons to tokens — to power the world's most ambitious AI workloads. When you join Crusoe, you join a team that is building the future, faster.
- We're in the midst of the greatest industrial revolution of our time. The demand for AI compute is boundless, and power is a bottleneck. We're solving that — with an energy-first approach that makes AI infrastructure better for the world and faster for the people innovating with AI.
- We're looking for problem-solving, opportunity-finding teammates with a sense of urgency, who believe in the scale of our ambition and thrive on a path not fully paved — people who want to grow their careers alongside a team of experts across energy, manufacturing, data center construction, and cloud services.
- If you want to do the most meaningful work of your career, help our customers and partners advance their AI strategies, and be part of a high-performing team that believes in each other, come build with us at Crusoe.
- Crusoe is building the world’s favorite AI-first cloud infrastructure. We are seeking a Staff Corporate Security Engineer to act as the principal architect for our corporate security posture.
- In this role, you will move beyond tactical tool management to design high-assurance, preventative systems that safeguard our identity perimeter, global network, and SaaS ecosystem. As a senior technical leader, you will build a “Secure by Default” environment where security is seamlessly embedded into the employee experience.
- Leading the design and implementation of Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) architectures, replacing legacy VPNs with identity-aware, perimeter-less access models
- Architecting preventative SaaS security across platforms such as Google Workspace, Slack, and Okta, including CASB controls to enforce data protection and monitor unauthorized applications or extensions
- Implementing Binary Authorization and device trust mechanisms, leveraging hardware-backed identity (e.g., TPM, Secure Enclave) to ensure only compliant devices can access corporate systems
- Designing and tuning Data Loss Prevention (DLP) controls across endpoints and SaaS platforms to protect intellectual property
- Strengthening email security posture, including MFA enforcement and session controls to mitigate phishing and session hijacking risks
- Architecting AI-native security frameworks, including governance and secure gateways for agent-based systems (e.g., MCP), ensuring all AI-driven actions are auditable and aligned with zero-trust principles
- Scaling identity and access management systems, including SSO, SAML, OAuth, SCIM, and designing Just-In-Time (JIT) access workflows to eliminate standing privileges
- Defining and executing a “Crown Jewels” security methodology, identifying and remediating high-risk vulnerabilities (e.g., IDOR, role-bypass) across critical systems
- 8+ years of experience designing and implementing Zero Trust, SASE, and modern identity-based security architectures
- Strong expertise in SaaS security, including CASB, DLP, and governance across platforms like Google Workspace, Okta, and Slack
- Experience implementing device trust, endpoint security, and hardware-backed identity solutions
- Strong understanding of identity and access management systems (SSO, SAML 2.0, OAuth, SCIM) and secure access patterns
- Knowledge of email security, phishing mitigation, and session security controls
- Experience identifying and mitigating application-layer vulnerabilities such as IDOR and privilege escalation risks
- Familiarity with emerging AI security challenges, including governance of agent-based systems and secure orchestration patterns
- Strong architectural mindset with the ability to design preventative, scalable security systems
- Excellent communication skills and ability to influence security decisions across engineering and business teams