Enterprise Security Engineer

About this role

Strava is the app for active people. With over 150 million athletes in more than 185 countries, it’s more than tracking workouts—it’s where connection, motivation, and personal bests thrive. No matter your activity, gear, or goals, Strava’s got you covered. Find your crew, crush your milestones, and keep moving forward. Start your journey with Strava today.

This role is on the Strava Security Team, which exists to protect Strava’s people, business, and data through integrated, proactive security practices.

We work across all security domains, including, but not limited to, product security, vulnerability management, incident response, infrastructure, network, governance, and enterprise security.

We follow a flexible hybrid model that generally translates to around half your time on-site in our San Francisco office—roughly three days per week.

You’re excited about this opportunity because you:

• Are excited to work on and support a platform that supports millions of users and their activities every day
• Enjoy developing, improving, and securing software, building identity and access management flows, and building automations between systems
• Will have a high leverage impact on product development by empowering the business to work more quickly and securely
• Will help teams identify and implement the security prospects of multiple solutions that keep the organization safe from threats

You will be successful here by:

• Being highly self-motivated and self-starting, with exceptional attention to detail
• Being responsible for analyzing the security of SaaS applications and services, discovering and addressing security issues, building security automation, and quickly reacting to new threat scenarios
• Working with Strava engineers and business partners to create secure-by-default solutions to business problems
• Building empathy for your Strava Colleagues by developing a deep understanding of the product development process end-to-end
• Seeking out engineering solutions to problems and eschewing toil

We’re excited about you because you:

• Have previously worked in an Enterprise Security or Information Technology with a heavy focus on securing endpoint hardening, MFA, SaaS security, Corporate Networks, APIs, and identity and access management best practices
• Have experience with modern principles of transparent and user focused security
• Have experience partnering with IT teams to implement and maintain solutions at the corporate level
• Have experience with continuous integration environments, writing testable software, and test-driven development.
• Have working knowledge of the OWASP Top 10 as well as risk-based security practices, including threat modeling.
• Hands on experience securing Google Workspace, Okta, and other top corporate SaaS solutions
• Script in a least one language such as Python
• Can improvise and adapt. Rote processes won’t always work here, so bring your bag of tricks.
• Are a strong, clear, and proactive communicator who values sharing knowledge with others. We are a distributed company spread across many time zones, dependent on many forms of communication to collaborate and achieve our goals.

Compensation Overview

At Strava, we know our employees are the most important ingredient to our success, and our compensation and total rewards programs reflect that. We take a market-based approach to pay, and pay may vary depending on the department and your location. Salary ranges are categorized into one of three tiers based on a cost of labor index for that geographic area. We will determine the candidate’s starting pay based on job-related skills, experience, qualifications, work location, and market conditions. We may modify these ranges in the future. For more information, please contact your talent partner.

Compensation: $208,000 - $220,000. The base salary posted is within the compensation range for this role. This range reflects base pay only and does not include, equity, or benefits. Your recruiter can share more about the specific salary range for your location during the hiring process.

For more information on benefits, please click here.

Why Join Us?

Movement brings us together. At Strava, we’re building the world’s largest community of active people, helping them stay motivated and achieve their goals.

Our global team is passionate about making movement fun, meaningful, and accessible to everyone. Whether you’re shaping the technology, growing our community, or driving innovation, your work at Strava makes an impact.

When you join Strava, you’re not just joining a company—you’re joining a movement. If you’re ready to bring your energy, ideas, and drive, let’s build something incredible together.

Strava builds software that makes the best part of our athletes’ days even better. Just as we’re deeply committed to unlocking their potential, we’re dedicated to providing a world-class, inclusive workplace where our employees can grow and thrive, too. We’re backed by Sequoia Capital, TCV, Madrone Partners and Jackson Square Ventures, and we’re expanding in order to exceed the needs of our growing community of global athletes. Our culture reflects our community. We are continuously striving to hire and engage teammates from all backgrounds, experiences and perspectives because we know we are a stronger team together.

Strava is an equal opportunity employer. In keeping with the values of Strava, we make all employment decisions including hiring, evaluation, termination, promotional and training opportunities, without regard to race, religion, color, sex, age, national origin, ancestry, sexual orientation, physical handicap, mental disability, medical condition, disability, gender or identity or expression, pregnancy or pregnancy-related condition, marital status, height and/or weight.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

California Consumer Protection Act Applicant Notice