Senior Security Engineer

Mexico
Technology – Security /
Permanent Full Time /
Remote
Apply for this job
About Us

At Envato, everything we do is about empowering creatives to thrive.

We're here to help creatives bring their ideas to life, supercharge their workflows, and equip them with an unparalleled toolkit they can use anywhere. With unlimited access to world-class assets, innovative AI tools, and hands-on tutorials, we deliver what creatives need today - and are continually evolving our offering. As AI transforms the creative landscape, we’re committed to building what’s next for the future.

We’re a purpose-driven company and certified B Corp. We’ve long embraced flexible, inclusive ways of working and we’re proud of the connected culture we’ve built across our global team. Our values: Community Spirit, Build Our Future, Embrace Diversity, Make It Happen, and Make Envato Proud, guide everything we do, shaping how we work, grow, and succeed.

You can read more about us on our blog, including news of our acquisition by Shutterstock Inc in 2024.

Role Purpose

The Security Operations team plays a crucial role within the IT Operations & Technology Experience department, which is part of the Technology division supporting Envato employees across Australia, New Zealand, Mexico, and the United States. 

The purpose of the IT Operations & Technology Experience is to provide sustainable and secure high quality technology experiences that enable staff to succeed. Productive and secure day one and always.

Reporting to the Senior IT Operations & Technology Experience Manager, the Senior Security Engineer will take the lead in securing the organisation's IT infrastructure, applications, and data. Collaborating with Security Analysts, Managed Security Service Provider (MSSP), and the IT Systems Operations and Product Security teams. -

What you'll be doing

    • Security Monitoring & Incident Response
    • Optimise and fine-tune SIEM rules, policies, and thresholds in collaboration with the MSSP.
    • Lead incident response efforts, including containment, mitigation, and resolution.
    • Conduct post-incident analysis, forensic investigations.
    • Security automation (SOAR) implementation.
    • Monitor and investigate security alerts from EDR, DLP, and email security tools.

    • SaaS & Identity Security
    • Oversee security configurations for SaaS applications (Google Workspace, Slack, Okta, etc.).
    • Manage authentication policies and access controls within SaaS tools and IAM.
    • Conduct security audits and ensure SaaS tools align with compliance requirements.

    • Endpoint, Network, and Email Security
    • Manage and secure endpoint protection (EDR), antivirus, firewalls, and VPN security.
    • Enforce network security best practices and assist in vulnerability management efforts.
    • Oversee email security configuration, phishing prevention, and spam filtering.

    • Compliance & Risk Management
    • Perform security audits and risk assessments for systems, vendors, and applications.
    • Collaborate with leadership to develop and implement risk mitigation strategies, ensure PCI and SOX compliance, and maintain GDPR regulatory compliance through proactive security control monitoring.

    • Vendor Collaboration & Continuous Improvement
    • Participate in security vendor meetings (MSSP, Crowdstrike, and others) to enhance security posture.
    • Stay up-to-date on industry trends, security threats, and best practices.
    • Be aware and accountable to your responsibilities in relation to workplace health and safety obligations.  

About you

    • 5+ years of experience in IT security or cybersecurity engineering.
    • Proficiency with SIEM tools (Sumo Logic) and SOC operations.
    • Hands-on experience with EDR, DLP, firewalls, VPNs, IAM, and security automation.
    • Ideally experience in fast growing digital companies, requiring agile planning to manage fast growing operations.
    • Familiarity with a variety of information security standards and frameworks, (e.g PCI/DSS, NIST Cybersecurity Framework, ISO27001).
    • Familiarity with current and evolving international privacy obligations (e.g. Australian Privacy Principles, European Privacy principles: DPD, GDPR, EU-US-Shield..etc)
    • Experience securing SaaS tools and applications.
    • Scripting and automation skills (Ruby, Python) preferred.
    • Relevant industry certifications (CISSP, CISM, CEH, GCIH, or equivalent) preferred
Life at Envato

• Flexible Working: remote-first with flexibility for you to manage work and life as you need. 
• Work from Anywhere: apply to work in another location for up to 3 months per calendar year.
• Conoce Mexico: a unique travel benefit for you to explore and visit new places across Mexico.
• Connection Budget: an annual budget to connect with the team IRL where and when possible.
• Learning Budget - Study leave and an annual budget for you to put towards your learning and development.
• Home Office Allowance: contribution towards your set-up and a monthly allowance to support work from home costs.
 Wellbeing: access to a holistic assistance program that provides support in many areas of life and health.
• Volunteer Leave: 2 days per calendar year to volunteer and give back to the community.
• Parental Leave: 20 weeks paid primary carer leave, and 6 weeks paid secondary carers leave.  
• Christmas Bonus, Paid Holidays and Holiday Bonus: we offer 30 days paid in December, you will have 12 days vacation in the first year, and you will earn 100% of holiday bonus.
• Grocery tickets: we offer you a monthly amount of 5% (subject to the legal cap) in food vouchers, which can be used in markets, pharmacies and more.
  5% Saving Funds (fondo de ahorro).
Private Health Insurance (SGMM).
  Unlimited Ebooks.

By submitting your application you are agreeing to our Privacy Policy. If you would like to understand how we handle personal information before submitting your application, please read through our Privacy Policy.

Research shows candidates from neurodiverse and underrepresented backgrounds often only apply for roles if they meet all the criteria. We like to make our hiring decisions based on lived experience, so if you’re keen to apply and need reasonable adjustments please let us know.

We appreciate the time you’ve taken to apply to Envato and we're committed to responding to every applicant.


#Guadalajara
Apply for this job
Jobs powered by Lever logo