Staff IT Security Engineer

Amplitude is seeking an experienced Staff IT Security Engineer to design and build controls that define how Amplitude leverages frontier AI tooling at scale. This is a high-scope, hands-on position focused entirely on corporate and enterprise security, specifically tackling the risks that AI tools and AI-enabled workflows introduce into our environment. You will operate independently within a well-defined security program, partner closely with a Senior Staff IT Security Engineer, and align IT Security priorities while reporting directly to the CISO. This is an opportunity to have a significant impact, where you will be hands-on with building agentic solutions for detection, response and high-level automation.

As a Staff IT Security Engineer, you will manage and execute day-to-day enterprise security operations across our corporate systems, including SaaS security posture, identity security (IdP/Okta), endpoint security, and access governance. This role is focused on enterprise-level problems and IT infrastructure security, not securing ML pipelines, models, or AI product features.

What You'll Do

• Enterprise Security Operations: Manage and execute day-to-day enterprise security operations across corporate systems, including SaaS security posture, IdP, endpoint, vulnerability management, and access governance, leveraging AI-assisted tooling to accelerate triage, analysis, and documentation at scale.
• Identity & Access Management: Execute complex Okta/IdP changes and maintain configurations for auth policies, adaptive MFA, SCIM provisioning, RBAC group management, and lifecycle automation. You will coordinate and execute access reviews across the enterprise to enforce least-privilege remediation, using AI tooling to summarize findings and draft stakeholder follow-ups.
• AI Security & Governance: Be crucial in defining AI security by reviewing AI tool permissions, connector/integration configurations, and data-sharing settings. You will build and maintain AI-powered security automation—designing and operating agentic pipelines to automate repeatable security workflows (like app approval triage and access review summarization) and ensuring the security architecture of those pipelines is sound.
• Detection & Response: Drive detection and response efforts by authoring CrowdStrike IOAs/IOCs, writing SIEM queries, and tuning alerts to reduce noise without losing coverage. You will handle incident triage, scoping, and containment, and produce post-mortem documentation in partnership with a senior engineer.
• Risk & Compliance: Conduct vendor and SaaS tool security reviews (intake, risk evaluation, remediation tracking, and sign-off coordination). Produce security metrics and reporting for operational tracking and CISO/exec audiences.

What You'll Need

• Experience: 5–8+ years in enterprise/corporate security with hands-on depth in at least two of the following areas: identity (Okta), endpoint (CrowdStrike/Kandji), SaaS security, or detection engineering.
• Autonomy & Ownership: You are a self-starter and self-managing, capable of working problems independently from initia