Staff Security Engineer – Blue Team

Ironclad is the #1 contract lifecycle management platform for innovative companies.

Contracts are the foundation of business, but managing them has traditionally been slow, manual, and costly. Ironclad helps companies like L’Oreal, OpenAI, and Cisco create, negotiate, and activate contracts faster, without sacrificing compliance. Our platform is flexible enough to handle every kind of agreement, from sales and procurement to HR and legal.

We’re building the future of functional, intelligent contracting, and writing the new narrative for how contracts drive business. Ironclad is a consistent Leader the space, according to Forrester Wave and Gartner Magic Quadrant. We’ve also been named one of Fortune’s Great Places to Work six years running, featured on Glassdoor’s Best Places to Work, and recognized by Forbes’ 50 Most Promising AI Companies.

We’re backed by Accel, Sequoia, Y Combinator, and BOND, and operate in a highly collaborative, inclusive environment. We’d love for you to join us!

This is a hybrid role based out of our San Francisco office. Office attendance is required at least twice a week on Tuesdays and Thursdays for collaboration and connection. There may be additional in-office days for team or company events.

Security at Ironclad

This role is a blue team operator for both corporate and product security.

Security Operations

• Monitor and investigate alerts in CrowdStrike Falcon, escalating incidents as needed.

• Respond to endpoint detections, phishing attempts, and insider threats across endpoints managed via Jamf.

• Maintain and improve detection rules, dashboards, and response workflows.

• Administer and tune Wiz for cloud workload protection and misconfiguration detection in Google Cloud Platform (GCP).

• Collaborate with IT on Google Workspace security controls and sensitive analysis.

DevSecOps

• Integrate security scanning and policy checks into CI/CD pipelines, such as CircleCI. Includes container scanning, SAST, and DAST.

• Work with engineering to remediate vulnerabilities, harden Docker images, and reduce supply chain risk.

• Contribute to secure coding guidance and enforcement of security controls during CI/CD workflows.

Governance and Compliance Support (limited)

• Assist with evidence collection and controls validation for audits (e.g., SOC 2, ISO 27001).

• Document procedures and help drive continuous improvement in incident response and vulnerability management processes.

Qualification preferences

• Experience supporting a B2B SaaS product in a regulated environment, inclusive of GDPR, HIPAA, SOC, ISO 27001, and NIST SP 800-53.

• Familiarity with MITRE ATT&CK, threat hunting techniques, and adversary simulation.

• Experience with compliance tooling, vulnerability management platforms, or Google security APIs.

Benefits:

• Health, dental, and vision insurance

• 401k

• Wellness reimbursement

• Take what you need vacation policy

• Generous parental leave for both primary and secondary caregivers

Base Salary Range: $170,000 – $190,000

The base salary range represents the minimum and maximum of the salary range for this position based at our San Francisco headquarters. The actual base salary offered for this position will depend on numerous factors, including individual proficiency, anticipated performance, and the location of the selected candidate. Our base salary is just one component of Ironclad’s competitive total rewards package, which also includes equity awards (a new hire grant, along with opportunities for additional awards throughout your tenure), competitive health and wellness benefits, and a commitment to career growth and development.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.