DISQO

Senior Security Engineer

Full-Time

$180,000 – $200,000 per year

TLDR

Take ownership of DISQO's security posture while leading day-to-day security operations across a high-throughput AWS environment handling billions of signals.

DISQO’s mission is to build the world’s most trusted ad measurement platform that fuels brand growth. The world’s largest brands, agencies, and media companies trust DISQO for expert insight and AI-driven intelligence about their advertising performance across all platforms. We capture people’s sentiments and journeys, connecting them with the brands they value and the media they consume. With this identity-based approach, brands gain more accurate and authentic insight so they can create more meaningful interactions. Joining DISQO Nation means becoming part of a community that champions speed, innovation, and continuous growth. We invest deeply in our talent, empowering our teams to reach their highest potential. Together, we are shaping the future of work at DISQO—defined by performance, purpose, and impact. We show up each day with curiosity and ambition, committed to learning, accelerating growth, and making a lasting difference. Grounded in our values and principles, we lead and collaborate to elevate performance, accountability, and excellence at every level of the organization. And through it all, we make sure to have fun along the way. DISQO is hiring a Senior Security Engineer to take definitive ownership of our comprehensive security posture, encompassing both AWS cloud and endpoint security. This critical role leads day-to-day security operations across our platform, which includes a high-throughput AWS environment that processes billions of measurement signals. We rely heavily on AI-assisted tooling to enable a small, effective security team. This is a hands-on individual contributor role. You will harden our AWS footprint, run detection and incident response, and build automations that turn repetitive security work into code. You will be expected to use AI coding agents (Claude Code, Cursor, or similar) as part of your default workflow. You will report to the Director of Platform and partner closely with Engineering, IT, Product, and Legal. No direct reports. You influence through designs, code, reviews, and the systems you ship. Position Summary: As Senior Security Engineer, you are the technical owner of DISQO's security posture, encompassing both cloud and endpoint environments. You set the technical bar for security and security operations, driving the implementation of Zero Trust principles across our infrastructure and employee devices. On the cloud side, you own AWS identity, network, data, and account-level controls. On the operations side, you manage detection engineering, alert triage, incident response, and vulnerability management. As an AI-enabled engineer, you leverage coding agents and automation to build tools, agents, and integrations that compress manual toil into seconds, scaling the security practice. You will work with autonomy on cross-functional initiatives, drive architectural decisions for security-critical systems, and help build a forward-leaning, AI-native security practice. What you will do:

AWS Cloud Security:

Own the security posture of our AWS environment: IAM, networking, encryption, KMS, secrets management, and multi-account governance.

Operate AWS-native security services: GuardDuty, Security Hub, Config, IAM Access Analyzer, Macie, Inspector, CloudTrail, and Control Tower.

Design and review secure-by-default patterns for new services. Provide security guidance on Terraform, CloudFormation, and CDK changes.

Drive identity, network, and data perimeter strategy. Reduce blast radius and enforce least privilege across accounts.

Harden container, serverless, and Kubernetes (EKS) workloads where they touch sensitive data.

Security Operations:

Run day-to-day SecOps: detection engineering, alert triage, threat hunting, and incident response.

Tune and operate the SIEM, SOAR, and EDR stack (e.g., CrowdStrike). Author and maintain detections as code.

Drive the implementation of Zero Trust principles and manage endpoint security for employee devices, including local admin removal for employees handling customer data.

Lead incident response end-to-end: containment, forensics, root cause, customer comms, and blameless postmortems.

Run vulnerability management and patching cadence; track and drive remediation SLAs.

Build runbooks, on-call playbooks, and tabletop exercises that keep the team sharp.

AI-Enabled Engineering:

Use AI coding agents (Claude Code, Cursor, Copilot, or similar) daily to accelerate security engineering work.

Build automations and small services that turn manual security work into repeatable, code-defined workflows.

Apply AI to scale Tier-1 triage, alert enrichment, IR draft communications, and detection content authoring.

Help shape security guardrails for AI tooling and AI-related workloads as they emerge in our stack.

Governance, Risk & Compliance:

Support SOC 2 Type I/II and similar audits: evidence collection, control mapping, and customer questionnaire response.

Run third-party and vendor security assessments.

Manage security awareness training and the anti-phishing program.

Manage relationships and contracts with security vendors (MSSP, EDR, WAF, vulnerability management, etc.).

Cross-functional Partnership:

Champion the DevSecOps mindset and foster a security-first culture across engineering teams.

Be the go-to technical reviewer for new product surfaces, infrastructure designs, and data flows.

Partner with Legal and Privacy on regulatory requirements, control implementation, and audit readiness.

Mentor engineers on secure coding, threat modeling, and cloud security best practices.

What we're looking for:

Required:

Experience: 6+ years in cloud security, security operations, or infrastructure security, with hands-on production experience (not policy-only).

AWS Depth: Strong working knowledge of AWS security: IAM, VPC, KMS, GuardDuty, Security Hub, CloudTrail, Config, and multi-account governance.

Security Operations: Hands-on security incident response experience. You have led real investigations, written postmortems, and tuned detections in a SIEM/SOAR.

Coding Ability: Comfortable scripting and building small services in Python, Go, or similar. You ship automation, not just tickets.

AI-Enabled Workflow: Use AI coding agents (Claude Code, Cursor, Copilot) as part of your default workflow, not as an experiment.

Frameworks: Working knowledge of NIST CSF, CIS Controls, OWASP Top 10, and MITRE ATT&CK.

Experience implementing cloud-native detection and monitoring

Audit experience: SOC 2, ISO 27001, PCI, or similar.

Hands-on experience with endpoint security, including EDR (e.g., CrowdStrike), local admin removal, and device management/hardening.

Nice to have:

Detection engineering and SOAR/automation experience at scale.

IaC security: Terraform, CDK, or CloudFormation, plus CI/CD security gates and policy-as-code (OPA, Cedar).

Container and Kubernetes (EKS) security.

Multi-cloud exposure (GCP or Azure) in addition to AWS.

Familiarity with AI/LLM security (OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF). Useful but not required.

Certifications: AWS Security Specialty, CISSP, CCSP, GCIH, GCIA, GCFA, or OSCP.

Built custom MCP servers, agent frameworks, or in-house security tooling.

Open-source contributions to cloud security or detection engineering tooling.

#LI-MV1

At DISQO, we pride ourselves on having a positive, performance-oriented workplace that includes a flexible hybrid approach, competitive medical benefits, and an amazing vacation policy. Read more about our culture on Glassdoor.

You can learn more about what’s happening at DISQO by visiting the DISQO Company Blog.

Perks & Benefits:

·100% covered Medical/Dental/Vision for employee, competitive dependent coverage

·Stock options

·401K

·Generous PTO policy

·Team offsites, social events & happy hours

·Life Insurance

·Health FSA

·Commuter FSA (for hybrid employees)

·Catered lunch and fully stocked kitchen

·Paid Maternity/Paternity leave

·Disability Insurance

·Travel Assistance Program

·24/7 Counseling Services offered to Employees

Note: The benefits noted above are for full time US based employees only.

DISQO is an equal opportunity employer. Discovery, innovation, and growth are possible when we open ourselves to new possibilities, perspectives, and approaches. That’s why, at DISQO, we welcome, support, and empower individuals from diverse backgrounds. Exceptional teams are rooted in extraordinary people, each with a unique story and a compelling set of skills. DISQO does not discriminate against employees based on race, color, religion, sex, national origin, gender identity or expression, age, disability, pregnancy (including childbirth, breastfeeding, or related medical condition), genetic information, protected military or veteran status, sexual orientation, or any other characteristic protected by applicable federal, state or local laws.

*Recruiting firms that submit resumes to DISQO without first entering into a written contract will not be entitled to any compensation on candidates referred by that firm.

Benefits

Equity Compensation

Stock options

Flexible Work Hours

flexible hybrid approach

Health Insurance

100% covered Medical/Dental/Vision for employee, competitive dependent coverage

Team events

Team offsites, social events & happy hours

Paid Parental Leave

Paid Maternity/Paternity leave

Paid Time Off

Generous PTO policy

Apply for this job

DISQO

DISQO builds a trusted ad measurement platform that connects consumer sentiments with valuable brands, driving brand growth. Our platform serves major brands, agencies, and media companies by providing AI-driven insights into advertising performance across all platforms.

Founded: Founded 2015
Employees: 51-200 employees
Industry: Professional Services

View company profile

Senior Security Engineer

Report this job