Cybersecurity Engineer

Who We Are

Simpli.fi provides marketing technologies, solutions, and workflow automation for advertisers and agencies of all sizes. We specialize in helping organizations that operate across many locations, jurisdictions, or local markets—where location matters and incrementality counts—by uniting data, automation, and intelligence to drive measurable growth.

Our platform powers highly targeted, high-volume campaigns across omnichannel environments including CTV, native, mobile, display, and social. We deliver transparent performance with local precision at national scale. Simpli.fi enables marketers—from multi-location brands and independent agencies who serve them, to political, advocacy, and public-affairs organizations—to activate locally relevant messaging, measure real-world impact, and generate clear, actionable insights.

Simpli.fi is backed by leading private equity firms Blackstone and GTCR. To learn more, visit Simpli.fi.

What We’re Looking For

Simpli.fi is currently looking for a Cybersecurity Engineer, you will join a security team focused on practical risk reduction across endpoints, identity, logging, and compliance operations. This role is well suited to a systems-oriented generalist who can connect dots across tools and environments, understand how failures propagate, and help the organization improve security outcomes without losing momentum.

This is an individual contributor role. This role is not siloed. You will work across endpoint security, identity, telemetry, and compliance workflows. You will have opportunities to make improvements that are visible across engineering and the broader company.

Security is part of how we deliver a great workplace experience and build customer trust. The work in this role helps employees stay productive and safe, reduces disruption from preventable issues, and supports the evidence and assurance that customers and auditors rely on.

Growth & Learning

You will have room to grow by owning meaningful outcomes end to end. That includes deepening expertise in endpoint security, identity, telemetry, and compliance operations, and learning adjacent systems through hands-on work, documentation, and automation. We prioritize durable improvements over heroics, so learning and progress are sustainable.

How We Work

We aim for a sustainable pace and clear priorities. This role has broad scope because it touches systems people rely on every day, not because we expect heroics. There is no mandatory on-call rotation for this position, and most work weeks are around 40 hours. When urgent incidents happen, we collaborate to resolve them, and that can occasionally require engagement outside normal hours. We value durable improvements, automation, and good documentation over “always available” expectations.

What You’ll Be Doing

• Own and improve endpoint security outcomes across macOS and Windows
• Deployment, configuration, investigations, and remediation support
• Support incident response with a focus on diagnosis, recovery, and root cause understanding
• Use logs and telemetry to investigate events and identify patterns
• Correlate signals across systems rather than relying on a single tool
• Own operational security compliance workflows
• Maintain and improve SOC 2 evidence collection
• Track down evidence across systems and teams
• Ensure controls reflect real system behavior
• Administer and improve the company’s Vanta implementation
• Maintain accurate integrations and control mappings
• Reduce manual evidence collection where possible
• Improve how security tooling and controls fit together through pragmatic configuration and automation
• Partner with IT and engineering stakeholders to translate technical risk and compliance needs into clear actions and tradeoffs
• Document systems, controls, and operational knowledge so improvements persist
  

YOU’LL HAVE THE FOLLOWING TO SUCCEED IN THIS ROLE:

Core Skills

• Strong problem solving skills with close attention to detail
• Systems thinking and pattern recognition
• Ability to reason across endpoints, identity, networking, access controls, telemetry, compliance controls, and cloud environments
• A pragmatic security mindset
• Able to balance risk reduction, operational reality, and audit requirements
• Clear communication and translation skills
• Able to explain security and compliance requirements without alarmism or unnecessary friction
• Strong documentation and evidence hygiene
• Comfortable producing clear, accurate, and defensible artifacts
  

Technical Foundations

• Strong systems and troubleshooting background
• Comfortable reasoning about operating systems, processes, and networking fundamentals
• Able to diagnose issues across macOS, Windows, and Linux environments
• Endpoint security fundamentals
• Experience operating endpoint security tooling and supporting investigations is strongly preferred
• Comfortable with investigation workflows and remediation support
• Identity and access familiarity
• Understanding how identity underpins access control and audit evidence
• Familiarity with identity providers such as Okta or comparable platforms
• Logging and telemetry experience
• Comfortable querying and correlating logs to support investigations and audit evidence
• SIEM experience is helpful, including Datadog or similar platforms
• Cloud platform familiarity
• Working knowledge of at least one cloud platform (AWS, GCP, or Azure) sufficient to support investigations, risk assessment, and compliance evidence needs
  

Compliance And Governance Operations

• Hands-on experience supporting SOC 2 or similar audits
• Evidence collection, validation, and auditor interaction
• Experience working with compliance automation platforms such as Vanta
• Maintaining integrations and control mappings
• Identifying and closing evidence gaps
• Ability to connect written controls to real system behavior
• Avoids paper-only compliance
• Ensures controls remain accurate over time
  

Scripting And Automation

• Comfortable with scripting across macOS, Linux, and Windows
• Able to read scripts, modify logic safely, and automate repetitive work
• Python is preferred, but comparable scripting experience is acceptable
  

Nice To Have

(Useful but not required. No candidate is expected to have all of these.)

• Experience with SIEM platforms and investigation workflows
• Deeper cloud security expertise in AWS, GCP, or Azure
• Examples include IAM design, security monitoring, network controls, or incident investigation in cloud environments
• Endpoint management experience (Jamf, Intune, GPO, MDM patterns)
• Experience with identity integrations and access control patterns (SSO, SAML, SCIM)
• Prior participation in external audits or customer security reviews
• Certifications (CISSP, CISM, etc.).
  

The Right Person Will

• Enjoy operating as a generalist with one or more anchor domains
• Be comfortable moving between security engineering, operations, and compliance work
• Prefer improving systems over producing one-off artifacts
• Take ownership of messy or underspecified areas and make them better over time
• Be comfortable saying they do not know something and then figuring it out
  
  

Show Your Work

We value demonstrated ability more than credentials. Skills gained through personal projects, self study, bootcamps, or non traditional experience are welcome.

You May Share

• Technical documentation or runbooks you created
• Incident writeups or postmortems you contributed to
• Evidence workflows or automation you improved
• Scripts or tools you built
• Open source contributions or community involvement
  
  

Public examples are not required. Many strong engineers work entirely in private or internal systems, and we are happy to discuss your experience directly.

Working With Us Has Its Rewards

Awesome company environment and benefits with a great management team. Competitive pay based on experience, 17 PTO days, 401K match, long-term incentive plan and employer sponsored healthcare options. Hybrid work schedule. The company is focused on developing and mentoring employees!

Candidates must be authorized to work in the United States. We are unable to provide visa sponsorship at this time.