Senior Enterprise Security Engineer

At Webflow, our mission is to bring development superpowers to everyone. As the pioneer of the Website Experience Platform (WXP), we’re redefining how teams Build, Manage, and Optimize for the web — combining visual development, powerful content management systems, AI-driven personalization, seamless hosting, and end-to-end analytics in a single, unified platform. With AI at the core, Webflow helps teams move faster, create more performant digital experiences, and scale without heavy engineering support. From independent designers and creative agencies to global enterprises, hundreds of thousands of organizations use Webflow to turn ideas into reality — and to power what’s possible on the web.

We’re looking for an Enterprise Security Engineer on Webflow's Security Operations team. You will work with the Manager, Security Operations to help us meet current and future product security needs.

• Type: Full-time

As a Senior Enterprise Security Engineer on our Security Operations team, you will:

• Help execute Webflow’s enterprise security strategy and secure our corporate environment, including:
  • Endpoints, SaaS apps, and internal tools
  • Corporate networks and offices
  • IT processes and HR operations
• Work closely with IT, Compliance, Incident Response, and People teams to design, deploy, and manage security solutions, support frameworks like SOC2, and participate in incident response, forensics, and 3rd-party risk management.

You’ll thrive as a Senior Enterprise Security Engineer if you:

• Are a technologist with a broad understanding of the technology space and current IT trends and tooling.
• Have 4+ years of experience evaluating and securing corporate IT environments with a focus on risk reduction and sustainable security.
• Have experience securing endpoints and working with tools such as Jamf, Qualys and CrowdStrike.
• Have experience with IAM & IDP systems such as Okta.
• Have experience performing security design reviews and risk assessments for new services and integrations.
• Have experience with incident response and conducting endpoint forensics.
• Have a solid understanding of the corporate threat landscape and intrusion patterns, with the ability to investigate potential security issues.
• Have experience securing Mac & Windows endpoints.
• Experience evaluating and securing corporate network environments.
• Experience developing code and building services to enhance security operations in at least one language (e.g., Python, Golang, Typescript).
• Understand IT processes and HR operations, tools and procedures.
• Experience working with security frameworks such as SOC2 or ISO 27001.

Nice to Have Experience:

• Familiarity with Identity and Access Management, Authentication & Authorization, Endpoint management, and SaaS security posture management.
• Expertise in OSQuery, Okta, and AWS is a plus.
• Experience with SIEM tools for forensics.
• Experience with physical/office security.

You Are:

• Collaborative: You possess a collaborative spirit, thriving when working with both your immediate team and cross-functional partners.
• Strategic thinker: You're a strategic thinker, adept at defining clear business needs and evaluating solutions to make informed build-versus-buy decisions.
• Comfortable with ambiguity: You navigate ambiguous situations with ease, gathering data and making progress even with incomplete information or unclear requirements.

If you don’t meet 100% of the above qualifications, you should still seriously consider applying. Studies show that you can still be considered for a role if you meet just 50% of the role’s requirements.

• Build lasting customer trust. We build trust by taking action that puts customer trust first.
• Win together. We play to win, and we win as one team. Success at Webflow isn't a solo act.
• Reinvent ourselves. We don't just improve what exists, we imagine what's possible.
• Deliver with speed, quality, and craft. We move fast because the moment demands it, and we do so without lowering the bar.

• Equity ownership (RSUs) in a growing, privately-owned company
• 100% employer-paid healthcare, vision, and dental insurance coverage for full-time employees and their dependents
• 12 weeks of paid parental leave for both birthing and non-birthing caregivers, plus additional leave options where applicable
• Flexible PTO for all locations and sabbatical program
• Access to mental wellness resources, coaching, therapy, and Employee Assistance Program
• Monthly stipends to support work and wellness
• 401k plan or pension schemes where applicable, with financial wellness benefits

At Webflow, equality is a core tenet of our culture. We are an Equal Opportunity Employer and are committed to building an inclusive global team that represents a variety of backgrounds, perspectives, beliefs, and experiences. Employment decisions are made on the basis of job-related criteria without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other classification protected by applicable law.

We are committed to building diverse teams. Participation in voluntary self-identification is optional and will not affect your candidacy.