Security Engineer (L5) - Workforce Security

Role Overview

Netflix is seeking an L5 Security Engineer specializing in Endpoint Security for its Workforce Security team. The role focuses on identifying and managing risks across software running on Netflix endpoints and delivering scalable endpoint security controls.

Responsibilities

• Design, implement, and validate protective endpoint security controls
• Develop and roll out solutions for:
  • Host hardening
  • Vulnerability identification
  • Patch management to maintain security standards and prevent configuration drift
• Design and test host hardening configurations for Mac, Windows, and Linux (with at least two covered)
• Build and execute a Patch and Vulnerability Management Strategy including enforcement
• Use Threat Intelligence to prioritize remediation at:
  • OS level
  • App level
  • App configuration level
• Evaluate build vs. buy security capabilities using requirement gathering, cost-benefit analysis, and effort estimation
• Translate complex technical risks into clear business risks for stakeholder trade-off decisions
• Provide standard business-hours operational support for Workforce Security
• Participate in infrequent 24/7 incident response as needed

Requirements (You Should Have)

• Knowledge of endpoint MDM solutions such as Jamf, Kandji, or Intune
• Hands-on experience with endpoint vulnerability scanning tools such as CrowdStrike or Tenable
• Ability to design and test host hardening configurations for at least two of: Mac, Windows, Linux
• Understanding of Vulnerability Management practices
• Threat Modeling competency to influence control right-sizing and prioritization
• Ability to validate publicly disclosed exploits and perform variant analysis
• Scripting ability (not necessarily production-grade); ability to use GenAI is sufficient
• Ability to drive work delivery independently (bias to action)
• Strong cross-functional collaboration skills
• Familiarity with corporate security tooling across endpoint, identity, data, and vendor security
• Ability to navigate ambiguity by translating strategic goals into actionable plans
• Use of measurement and metrics to drive decisions and outcomes

Success Factors

• Values deep collaboration and uses data to inform and communicate decisions
• Communicates complex topics effectively to internal customers and partners
• Takes ownership of open-ended problems from concept to production