Senior Information Security Engineer

Come join Deepwatch’s team of world‑class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!

Deepwatch is the leader in managed security services, protecting organizations from ever‑increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud‑based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid‑sized enterprises, trust Deepwatch to protect their business.

Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.

• 2025, 2024, 2023, 2022 and 2021 Great Place to Work® Certified
• 2024 Military Times Best for Vets Employers
• 2024 US Department of Labor Hire Vets Gold Award
• 2024 Forbes' America's Best Startup Employers
• 2024 Cyber Defense Magazine, Global Infosec Awards
• 2023 and 2022 Fortress Cybersecurity Award
• 2023 $ 180M Series C investment from Spring coast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners
• 2022 Cybersecurity Excellence Award for MDR

We are seeking a senior‑level, high‑impact Information Security Engineer to help scale and mature a modern, cloud‑first security program. This is not a narrow or siloed role. You will operate across cloud security, vulnerability management, automation, compliance, and workforce security. You will report directly to the CISO and have visibility into—and influence over—the organization’s entire security posture.

Our environment is AWS and SaaS‑centric, supporting a modern, macOS‑heavy workforce. We are looking for someone who thrives in ownership, moves decisively, and understands how to balance security rigor with business velocity.

This role is for a builder, operator, and problem‑solver.

• Own end‑to‑end security operations: monitoring, investigation, and response across AWS, SaaS, and endpoint environments.
• Lead incident response from triage to root cause and executive reporting.
• Design and refine operational playbooks.
• Secure AWS using Wiz and native controls, proactively addressing misconfigurations and identity risks.
• Continuously assess cloud posture and drive remediation with Cloud Engineering, embedding secure‑by‑design principles.
• Own the vulnerability management lifecycle (Tenable), translating data into business risk decisions and driving architectural improvements.
• Manage and optimize endpoint detection and response (Crowd Strike).
• Oversee identity and access control validation, including quarterly reviews and least‑privilege enforcement.
• Lead phishing simulations and security awareness.
• Build automation and response workflows with Torq to accelerate remediation.
• Continuously evaluate and optimize the security stack; identify bottlenecks and engineer scalable solutions.
• Maintain and mature compliance (ISO 27001, SOC 2, PCI‑DSS) using Drata for continuous monitoring and audit readiness.
• Conduct control testing (CIS Benchmarks, MITRE ATT&CK).
• Support risk assessments and security evaluations.
• Act as a security advisor to IT, Engineering, and business leadership, providing risk‑informed guidance and helping shape the security program roadmap.