Job Description: Security Operations Engineer

About Tailscale

Tailscale is building the new Internet by delivering software that makes it easy to securely interconnect people and their devices, no matter where they are. From hobbyists to multinational corporations, teams of every size use Tailscale each day to protect their networks, share access to internal tools, and more. We're building a future for the Internet that's easy, sensible, and safe, like it used to be. Founded in 2019 and fully distributed, we're backed by Accel, CRV, Insight, Heavybit, and Uncork Capital.

Position Overview

We’re seeking a talented engineer, specializing in security operations, to help grow our security team. We’re looking for people who can move Tailscale forward while making it safer to use. The abilities to think on your feet, collaborate with highly technical teams, and be comfortable working asynchronously are essential.

Responsibilities

• Device Management: Including MDM policies, BYOD, Patch/Vulnerability management, Troubleshooting, and general OS management (macOS, Linux, and Windows).
• Platform Support: Supporting Tailscale’s key platforms including Google Workspace, Jira, GitHub.
• Process Automation: Automating tasks such as self-service access and patching.
• Access Management: Managing access through OIDC, SAML, and SCIM.
• Data Loss Prevention/Mitigation: Implementing measures to prevent and mitigate data loss.
• Tech-Stack Decision Making: Overseeing tech decisions in coordination with Engineering Leadership, ensuring alignment with company-wide IT standards.

What We Are Looking For

• Prior experience in a security-related or adjacent technical role, such as:
  • Identity and Access Management
  • Endpoint Security
  • Data Loss Prevention
  • Security Operations Center experience
  • IT Engineering/Operations
• Knowledge of operating systems and security mechanisms.
• Knowledge of common networking protocols.
• Knowledge of common authentication and user management protocols (OIDC, SAML, SCIM).
• Knowledge of Google Workspace Security and Device Management.
• Experience with MDM products such as Jamf, Kandji, Fleet, Intune.
• Ability to give and process constructive feedback.
• Ability to work independently and collaboratively.
• Flexibility to adjust to the dynamic nature of a startup.

It's Nice if You Have

• Experience with Jira workflows and automation.
• Application and/or Infrastructure security experience.
• Go, Python, or bash scripting preferred.

Why You Might Not Like This Role

You will spend at least 25-50% of your time in this role on process automation. This might differ from what “Security Operations” roles look like at other companies. This role is not for you if you expect to spend most of your time doing:

• Security and architecture reviews
• Pentesting or other offensive security efforts
• Spending all your time in a SIEM reviewing alerts
• Operating vendor software or Ticket-based access approvals (because you’ll automate as much as you can)

Compensation and Benefits

As a company, we strive to maintain fair and equitable compensation practices within our team across all roles and all levels. Tailscale's compensation package includes base salary, equity, and comprehensive benefits. The salary range displayed on each job posting represents the target range for a new hire's base salary. Individual offers may vary based on experience and skill set.

US Pay Ranges: $172,000 - $214,750 USD

What We Offer:

• An inclusive, flexible environment where you can be your authentic self. We recognize the impact of diverse voices and backgrounds on the growth of our people, product, and company. Flexibility in how and when you work empowers our team to integrate work and life.
• A competitive total compensation package, including base salary, an equity incentive plan, and variable commission (for quota-based roles).
• Comprehensive group benefits with no waiting period, including coverage for health, vision, dental, and more for you and your family.

Note: We encourage candidates from historically marginalized groups to apply, even if they don't meet 100% of the listed qualifications.