Senior Corporate Security Engineer

About the Role

At Opendoor our goal is to build the biggest, most trusted housing platform and set a new standard for how people move. We’ve combined our deep, proprietary data and operational expertise with the power of artificial intelligence (AI) to make online home selling and buying radically simple.

As a Senior Corporate Security Engineer on the Corporate Engineering and IT Security team, your mission is to design, implement, and manage access control, endpoint security, and network security in a way that is accessible, scalable, and secure. You'll work closely with Engineering, Infrastructure, and Human Resources to automate employee and device lifecycle management, provide frictionless zero trust access, and defend against increasingly sophisticated cyber attacks.

What You’ll Do

• Build and maintain a robust automation framework for employee lifecycle and device management using cloud native tooling, DevOps methodologies, Infrastructure as Code, and software engineering best practices.
• Design and implement capabilities that enable security and productivity including zero touch deployment, device trust, phishing resistant MFA, and passwordless authentication using FIDO2/WebAuthn protocols.
• Lead technical initiatives across Engineering, Infrastructure, and HR teams, translating complex business requirements into practical automation solutions across a heterogeneous corporate environment (Mac, Windows, Okta, Duo, Google Workspace, and Azure).
• Architect and implement HRIS-identity platform integrations, particularly Workday-Okta SCIM provisioning and lifecycle management, to eliminate manual processes and ensure consistent access controls.
• Support current business operations while modernizing and simplifying infrastructure to reduce risk, increase resiliency, and enable teams and personnel to collaborate quickly and efficiently.
• Ensure security controls and practices align with business risk appetite and compliance requirements such as Sarbanes Oxley (SOX), Gramm-Leach-Bliley Act (GLBA), and privacy laws.
• Mentor engineering team members while building technical documentation and infrastructure that elevates the entire organization's security and rapid delivery capabilities.

Tech Stack

• Languages: Python, Terraform, Powershell
• IAM: Okta, Azure, Google Workspace
• Endpoint/MDM: Windows/Mac hybrid, Jamf, Intune, Crowdstrike
• Collaboration: Slack, Google Workspace, M365
• Engineering: AWS, GitHub

What You’ll Need

• 5+ years implementing enterprise identity management platforms with 3+ years of Okta administration and automation experience.
• Strong Python programming skills with experience in API development, infrastructure automation, and identity lifecycle management.
• Expert-level Okta administration including Workflows automation, API integrations, and identity protocols (SAML, OAuth, OIDC, SCIM).
• Experience with HRIS-identity platform integrations, particularly Workday-Okta provisioning and attribute mapping.
• Hands-on experience with mobile device management (MDM) platforms, preferably Jamf, and endpoint security tools.
• Experience implementing zero trust architectures including FIDO2/WebAuthn implementation, certificate-based device authentication, and continuous compliance monitoring.
• Strong experience with CI/CD pipeline development, Infrastructure as Code (Terraform), and cloud platforms (AWS, Azure).
• Leadership and collaboration skills to identify and drive cross-functional initiatives across technical and business teams.

Bonus Points For

• Certifications such as Okta Certified Professional/Administrator
• Experience migrating and connecting Microsoft Azure environments with Mac/Google Workspace hybrid environments.

Compensation

The base pay range for this position is $180,000 - $220,000 annually, plus RSUs and bonuses. Pay within this range varies by work location and may also depend on your qualifications, job-related knowledge, skills, and experience. We also offer a comprehensive package of benefits including unlimited PTO, medical/dental/vision insurance, life insurance, and 401(k) to eligible employees.