Corporate Security Engineer at Docker responsible for identity infrastructure and security programs. Collaborating cross-functionally to enhance security posture and compliance across systems.
Responsibilities
Own and continuously improve Docker's Identity and Access Management infrastructure, including SSO, MFA enforcement, lifecycle management, and access governance
Discover, map inventory and conduct security reviews on third-party integrations and drive security improvements across our SaaS application ecosystem
Secure and harden our core collaboration as well as documentation platforms, including email, document sharing, and communication tools
Define and enforce device compliance policies across our corporate device fleet; own the end-to-end compliant device experience
Mature a Zero Trust security model across corporate infrastructure, enforcing conditional access based on identity
Establish and maintain an approved application governance program across desktop, browser, developer tooling, and third-party AI services, with appropriate monitoring and risk-based controls
Contribute to the team's incident response capability, bringing corporate IT and identity expertise to investigations and remediation efforts
Design and deploy canaries across our endpoint fleet, for increased visibility and early-warning capabilities
Participate in the Security team on-call rotation by managing detection and response to security events
Own and continuously improve employee lifecycle security processes, ensuring robust controls at both onboarding and offboarding
Maintain IT security evidence and documentation supporting compliance with SOC2 and ISO ISO 27xxx
Requirements
6+ years in IT systems engineering with emphasis on automation, and hands-on experience in identity access management, and security best practices
Deep hands-on expertise with Enterprise IdP (SSO, MFA, lifecycle management, groups, API automation)
Strong experience securing Google Workspace at an admin level
Experience with MDM solutions and endpoint hardening
Solid understanding of OAuth, SAML, OIDC, and modern identity and access patterns
Intern in operational security at Investissement Québec, supporting security alert management and vulnerability tracking in a supervised learning environment.
IT Information Security Lead at Mirego, responsible for technology and information security management. Overseeing compliance and IT strategies while maintaining operational efficiency.
Cybersecurity Specialist focusing on offensive security for Exposant 3. Performing penetration testing, security audits, and team knowledge transfer in a hybrid work setup.
Financial security advisor in life and health insurance, developing and maintaining client relationships. Selling insurance products and assessing customer needs to provide personalized solutions.
Senior Security Engineer designing and maintaining Microsoft 365 security solutions at ResMed. Focusing on compliance, incident response, and collaboration with global teams.
Senior Infrastructure professional solving practical security challenges and improving enterprise systems security at Confluence. Focused on implementation, remediation, and secure operations across Windows and Linux environments.
Senior infrastructure professional responsible for vulnerability remediation and security improvements across enterprise systems at Confluence. Hands - on role involving Windows and Linux environments with strong collaboration with Cybersecurity team.
Enterprise Security Architect responsible for implementing information security best practices at SecureOps. Collaborating with clients to analyze networks and provide effective security solutions.
Health, safety, and environment advisor responsible for maintaining compliance and promoting safety practices. Supporting project teams and developing SSE programs to manage risks in the workplace.