Sr. Security Engineer 1 (Customer Trust)

For over 20 years, Smartsheet has helped people and teams achieve–well, anything. From seamless work management to smart, scalable solutions, we’ve always worked with flow. We’re building tools that empower teams to automate the manual, uncover insights, and scale smarter. But more than that, we’re creating space– space to think big, take action, and unlock the kind of work that truly matters. Because when challenge meets purpose, and passion turns into progress, that’s magic at work, and it’s what we show up for everyday.

The Sr. Security Engineer I is a critical technical role focused on deal acceleration, platform security evangelism, and the development of security features and capabilities that enhance our customer security and governance capabilities. You will support security and compliance during sales motions and bridge communication between complex customer security requirements and technical product engineering. You will work directly with customer security leaders (security engineers through CISOs) to communicate and clarify product security posture and controls results (such as pen test results), and will work with Smartsheet engineering to build security features that meet real-world customer requirements.. You will display product understanding through highly customized presentation demonstrations to customers and at conferences and events. 

This role reports to the Manager, Customer Trust and Engineering and can be based in our Bellevue, WA office or remotely from anywhere in the US where Smartsheet is a registered employer.

You Will:

• Serve as a trusted advisor to enterprise customers, CISOs, CIOs, and guiding them on Smartsheet security, compliance, and risk management.
• Evaluate customer infrastructure diagrams and data flows, and how Smartsheet can help with automation without compromising security. 
• Present scanning results (NIST 800-53 gaps, vulnerability scans, DAST/pen test, IaC scans) to customers including walking through remediations. Help customers interpret scan results and develop deviation rationales for findings that can't be directly remediated.
• Bridge the gap between FedRAMP, NIST 800-53 control language and Smartsheet implementation. Explain what NIST 800-53 controls mean in terms of Terraform configs, Kubernetes manifests, CI/CD pipelines and cloud configuration of Smartsheet across AWS and GCP.
• Provide executive-level support during major customer security incidents and ensure lessons learned inform improvements. Understand and adhere to legal, regulatory and compliance requirements while working on sensitive security incidents.
• Represent our cloud and AI security strategy at industry events, conferences, and customer councils.
• Capture new business by responding to complex customer security questionnaires and technical inquiries using automation and AI tooling, ensuring security-related impediments to closing deals are removed efficiently.
• Work alongside product engineering and Corporate IT to define technical specs for security features and protective measures that meet evolving customer requirements.
• Translate customer security concerns and regulatory needs into clear technical problem definitions for internal teams.
• Create and distribute technical assets (white papers, solution code, blog posts, and video demonstrations). 

You Have:

• Strong analytical and problem solving skills
• Ability to explain CI/CD and SDLC best practices and how Smartsheet is deployed. 
• Hands-on experience with AAA implementations (SSO, IdP, MFA enforcement, session management, etc.). 
• Hands-on experience with enterprise system and application integrations, and with security tooling such as EDR, VPNs, Vulnerability scanners, CSPM, and SIEM/CASB.
• 5+ years of total experience in cyber security, specifically within security engineering, security architecture, or sales engineering.
• Familiarity with NIST 800-53, ISO, SOC 2, FedRAMP, GDPR, and HIPAA.
• Excellent written and verbal communication skills, with the ability to influence stakeholders at all levels and create external-facing technical content.
• Bachelor’s degree in a related field or equivalent experience, and/or professional certifications such as CISSP, CCSP, GCSA, CISA, or CRISC.
• Experience conducting security reviews and threat modeling on infrastructure, software, and services.
• Must be legally eligible to work in the US on an ongoing basis.
•  

Get to Know Us:

At Smartsheet, your ideas are heard, your potential is supported, and your contributions have real impact. You’ll have the freedom to explore, push boundaries, and grow beyond your role. We welcome diverse perspectives and nontraditional paths—because we know that impact comes from individuals who care deeply and challenge thoughtfully. When you’re doing work that stretches you, excites you, and connects you to something bigger, that’s magic at work. Let’s build what’s next, together.

Equal Opportunity Employer:

Smartsheet is an Equal Opportunity (EEO) employer committed to fostering an inclusive environment with the best employees. It is our policy to provide equal employment opportunities to all qualified applicants in accordance with applicable laws in the US, UK, Australia, Germany, Costa Rica, Japan, Bulgaria, and India. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information. 

If there are preparations we can make to help ensure you have a comfortable and positive interview experience, please let us know.

#LI-Remote