Lead Security Engineer Enterprise Security

As a Lead Security Engineer on the Enterprise Security team you’ll play a central role in securing the corporate systems and platforms that Klaviyo runs on — spanning critical SaaS applications identity and access endpoints Zero Trust network architecture and perimeter security. You’ll partner across Engineering IT and the broader Security organization to mature existing programs introduce new capabilities and ensure our corporate security posture keeps pace with a fast-moving AI-first company.

This is a hands-on technical leadership role. You’ll be expected to deliver complex cross-functional projects end to end establish the design patterns and standards your team works from and mentor the engineers around you. You bring deep expertise in at least one enterprise security domain and the range to work credibly across several others.

At Klaviyo AI fluency isn’t optional — it’s foundational. You’ll lead with AI at every stage of your work from designing solutions to iterating on implementations and you’ll take full ownership of the quality and security of what you ship.

• Partner across several teams to drive the security architecture and lifecycle of Klaviyo’s critical SaaS applications from procurement to offboarding
• Ensure the design and operations of identity and access management (IAM) across corporate SaaS platforms including Just-in-Time Access (JITA) privilege management and SSO/SCIM integrations; ensuring identity implementation meets or exceeds security standards
• Mature and expand Klaviyo’s Zero Trust network architecture — establishing web gateways defining secure access policies and building the foundation for a modern corporate network security posture
• Champion an AI-first approach to security engineering: designing prototyping and iterating with AI tools and owning the responsible review and deployment of AI-generated artifacts
• Manage and mature Cloudflare WAF policies and other perimeter security controls ensuring coverage tuning and continuous improvement
• Expand and mature Klaviyo’s endpoint security strategy and tooling partnering with IT Detection Response and the broader security teams to achieve full endpoint visibility proactive threat coverage and rapid response capability across the fleet
• Deliver complex multi-team projects by decomposing technical problems into actionable workstreams setting the pace through all phases from requirements through production

• Have 7+ years of experience in security or infrastructure engineering roles with demonstrated ownership of enterprise security domains such as SaaS security IAM Zero Trust endpoint security or cloud-delivered security services
• Approach every project AI-first: you design with AI refine with AI and take full responsibility for validating and owning what you deploy — you are not a passive consumer of AI output
• Hands-on by default — you are equally comfortable writing policy-as-code reviewing architecture and debugging a production issue
• Proficient with Terraform for building and maintaining infrastructure-as-code across enterprise security systems
• Experienced operating in AWS environments with strong familiarity with cloud security services IAM policies and secure architecture patterns
• Experience with enterprise IdP solutions such as Okta AWS Cognito
• Experienced with enterprise security tooling such as Cloudflare (WAF gateway) Wiz (CNAPP/cloud security) and CrowdStrike (EDR/endpoint)
• Knowledgeable in secrets management JITA and modern identity patterns including SSO SCIM and privileged access workflows including SAML 2.0 SCIM OAuth and OIDC — note this is not a dedicated IAM role; fluency in these areas supports broader enterprise security ownership not identity program management
• Experienced mentoring engineers and working through influence: you raise the bar for the people around you and hold team-wide technical standards
• Nice to have: experience with GCP or Azure environments Spacelift for IaC orchestration AI agent development or securing AI coding platforms (e.g. Lovable Vercel Cursor)

What We Do

Klaviyo (NYSE: KVYO) is the B2C CRM. Powered by its built-in data platform and AI Klaviyo combines marketing automation analytics and customer service into one unified solution making it easy for businesses to know their customers and grow faster. Klaviyo (CLAY-vee-oh) helps over 183000 brands like Mattel Glossier Daily Harvest and Liquid Death deliver 1:1 experiences at scale improve efficiency and drive revenue.

Why Work With Us

We refer to our employees as ‘Klaviyos’ and we make up a diverse community united around shared values: We’re curious collaborative driven innovative fun and fully ourselves at work. No matter which team you join your work won’t just impact Klaviyo. It’ll help empower our customers and enable creators across the globe to own their destinies.

Gallery