TRM Labs · 7 hours ago
Enterprise Security Engineer
United States
Full-time
Remote
Mid Level
$120K/yr - $140K/yrTRM Labs is a blockchain intelligence company on a mission to build a safer world for billions of people. They are seeking an Enterprise Security Engineer to enhance their security posture by securing corporate software, services, tooling, and infrastructure while collaborating with various teams to automate controls and improve security processes.
Big DataBlockchainComplianceCryptocurrency
Responsibilities
Engineer secure-by-default endpoint baselines for macOS and Windows Endpoints, including encryption, firewall, application controls, device compliance, and configuration standards
Automate and scale identity and access controls in Entra ID and Google Workspace (SSO, SCIM, conditional access, privileged access workflows, access reviews, joiner/mover/leaver)
Codify security controls as code (Terraform/configuration profiles/policy-as-code), with peer review, change history, testing/rollback, and measurable outcomes
Build and maintain automations and integrations (e.g., n8n/SlackOps/APIs/scripts) that reduce manual access grants, speed up control changes, and eliminate repetitive workflows
Harden SaaS and collaboration platforms by reducing unmanaged apps and enforcing strong authentication, least privilege, sharing controls, and data protection guardrails
Improve visibility and detection by ensuring logging coverage and telemetry for endpoint, identity, and key SaaS applications (e.g., Defender/Sentinel and vendor logs where relevant)
Drive vulnerability and configuration drift reduction through patch compliance targets, remediation pipelines, and reporting that leadership can act on
Partner with compliance and risk stakeholders to produce evidence, document controls, and operationalize requirements without creating brittle, manual processes
Participate in an on-call rotation (every ~3 weeks) for escalations related to identity, endpoint security, and critical enterprise systems
Qualification
Required
Demonstrated experience engineering and scaling endpoint management (Jamf and/or Intune) and endpoint security controls for macOS and Windows
Strong IAM foundation: hands-on experience with Entra ID (conditional access, SSO, access governance) and Google Workspace and/or Microsoft 365 administration
Proven ability to automate real operational workflows using scripting and APIs (Bash, PowerShell, Python, etc.)
Strong troubleshooting and systems thinking: able to diagnose issues across identity, endpoint, network controls, and SaaS integrations
Comfort balancing security and usability using a risk-based approach, communicating tradeoffs clearly to technical and non-technical stakeholders
Engineer secure-by-default endpoint baselines for macOS and Windows Endpoints, including encryption, firewall, application controls, device compliance, and configuration standards
Automate and scale identity and access controls in Entra ID and Google Workspace (SSO, SCIM, conditional access, privileged access workflows, access reviews, joiner/mover/leaver)
Codify security controls as code (Terraform/configuration profiles/policy-as-code), with peer review, change history, testing/rollback, and measurable outcomes
Build and maintain automations and integrations (e.g., n8n/SlackOps/APIs/scripts) that reduce manual access grants, speed up control changes, and eliminate repetitive workflows
Harden SaaS and collaboration platforms by reducing unmanaged apps and enforcing strong authentication, least privilege, sharing controls, and data protection guardrails
Improve visibility and detection by ensuring logging coverage and telemetry for endpoint, identity, and key SaaS applications (e.g., Defender/Sentinel and vendor logs where relevant)
Drive vulnerability and configuration drift reduction through patch compliance targets, remediation pipelines, and reporting that leadership can act on
Partner with compliance and risk stakeholders to produce evidence, document controls, and operationalize requirements without creating brittle, manual processes
Participate in an on-call rotation (every ~3 weeks) for escalations related to identity, endpoint security, and critical enterprise systems
Preferred
Working knowledge of operating Infrastructure-as-Code / configuration-as-code (Terraform preferred; policy-as-code/config profiles acceptable)
Security Incident Response & Countermeasures experience
Security Operation Center experience
Benefits
May be eligible to participate in TRM’s equity plan.
Company
TRM Labs
TRM Labs is a software company that offers blockchain, transaction monitoring, and analytics to help financial institutions and governments.
Founded in 2018
201-500 employees
H1B Sponsorship
TRM Labs has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)
2024 (4)
2023 (3)
2022 (3)
2021 (1)
Funding
Current Stage
Growth StageTotal Funding
$149.9MKey Investors
Thoma BravoJP Morgan ChaseTiger Global Management
2022-11-09Series B· $70M
2022-04-04Series B
2022-02-28Series Unknown
Leadership Team
Esteban Castano
Co-founder & CEO
Rahul Raina
Co-Founder
Recent News
Business Wire
2026-01-09
2026-01-09
Company data provided by crunchbase