Senior Security Engineer

DISQO is a leading provider of advertising intelligence, measuring brand and performance outcomes across every media channel to power data-driven marketing decisions. Trusted by 500+ of the world’s largest brands and 150+ agency and media partners, and recognized by Inc., Deloitte, Ad Age, Digiday, Forbes, and Cynopsis, DISQO is redefining the power of measurement in advertising. 

Joining DISQO Nation means being part of a team that moves fast, thinks boldly, and is passionate about solving meaningful problems. Innovation isn't just something we talk about, it's how we operate. We challenge assumptions, embrace new ideas, and continuously push ourselves to build better solutions for our customers and each other.

Our values guide how we work and win together. We believe in winning as one team, fostering a culture of collaboration, trust, and shared accountability. We pursue outsized impact by focusing on opportunities that drive meaningful results for our customers and our business. We champion the customer by putting their needs at the center of every decision and delivering solutions that create real value. And we are relentlessly all in, bringing energy, passion, and commitment to every challenge, every day.

If you're energized by high-growth environments, motivated by innovation, and excited by the opportunity to do impactful work alongside talented, driven teammates, you'll feel right at home at DISQO.

DISQO is hiring a Senior Security Engineer to take definitive ownership of our comprehensive security posture, encompassing both AWS cloud and endpoint security. This critical role leads day-to-day security operations across our platform, which includes a high-throughput AWS environment that processes billions of measurement signals. We rely heavily on AI-assisted tooling to enable a small, effective security team.

This is a hands-on individual contributor role. You will harden our AWS footprint, run detection and incident response, and build automations that turn repetitive security work into code. You will be expected to use AI coding agents (Claude Code, Cursor, or similar) as part of your default workflow.

You will report to the Director of Platform and partner closely with Engineering, IT, Product, and Legal. No direct reports. You influence through designs, code, reviews, and the systems you ship.

Position Summary:

As Senior Security Engineer, you are the technical owner of DISQO's security posture, encompassing both cloud and endpoint environments. You set the technical bar for security and security operations, driving the implementation of Zero Trust principles across our infrastructure and employee devices. On the cloud side, you own AWS identity, network, data, and account-level controls. On the operations side, you manage detection engineering, alert triage, incident response, and vulnerability management. As an AI-enabled engineer, you leverage coding agents and automation to build tools, agents, and integrations that compress manual toil into seconds, scaling the security practice.

You will work with autonomy on cross-functional initiatives, drive architectural decisions for security-critical systems, and help build a forward-leaning, AI-native security practice.

What you will do:

• AWS Cloud Security:

• Own the security posture of our AWS environment: IAM, networking, encryption, KMS, secrets management, and multi-account governance.

• Operate AWS-native security services: GuardDuty, Security Hub, Config, IAM Access Analyzer, Macie, Inspector, CloudTrail, and Control Tower.

• Design and review secure-by-default patterns for new services. Provide security guidance on Terraform, CloudFormation, and CDK changes.

• Drive identity, network, and data perimeter strategy. Reduce blast radius and enforce least privilege across accounts.

• Harden container, serverless, and Kubernetes (EKS) workloads where they touch sensitive data.

• Security Operations:

• Run day-to-day SecOps: detection engineering, alert triage, threat hunting, and incident response.

• Tune and operate the SIEM, SOAR, and EDR stack (e.g., CrowdStrike). Author and maintain detections as code.

• Drive the implementation of Zero Trust principles and manage endpoint security for employee devices, including local admin removal for employees handling customer data.

• Lead incident response end-to-end: containment, forensics, root cause, customer comms, and blameless postmortems.

• Run vulnerability management and patching cadence; track and drive remediation SLAs.

• Build runbooks, on-call playbooks, and tabletop exercises that keep the team sharp.

• AI-Enabled Engineering:

• Use AI coding agents (Claude Code, Cursor, Copilot, or similar) daily to accelerate security engineering work.

• Build automations and small services that turn manual security work into repeatable, code-defined workflows.

• Apply AI to scale Tier-1 triage, alert enrichment, IR draft communications, and detection content authoring.

• Help shape security guardrails for AI tooling and AI-related workloads as they emerge in our stack.

• Governance, Risk & Compliance:

• Support SOC 2 Type I/II and similar audits: evidence collection, control mapping, and customer questionnaire response.

• Run third-party and vendor security assessments.

• Manage security awareness training and the anti-phishing program.

• Manage relationships and contracts with security vendors (MSSP, EDR, WAF, vulnerability management, etc.).

• Cross-functional Partnership:

• Champion the DevSecOps mindset and foster a security-first culture across engineering teams.

• Be the go-to technical reviewer for new product surfaces, infrastructure designs, and data flows.

• Partner with Legal and Privacy on regulatory requirements, control implementation, and audit readiness.

• Mentor engineers on secure coding, threat modeling, and cloud security best practices.

What we're looking for:

• Required:

• Experience: 6+ years in cloud security, security operations, or infrastructure security, with hands-on production experience (not policy-only).

• AWS Depth: Strong working knowledge of AWS security: IAM, VPC, KMS, GuardDuty, Security Hub, CloudTrail, Config, and multi-account governance.

• Security Operations: Hands-on security incident response experience. You have led real investigations, written postmortems, and tuned detections in a SIEM/SOAR.

• Coding Ability: Comfortable scripting and building small services in Python, Go, or similar. You ship automation, not just tickets.

• AI-Enabled Workflow: Use AI coding agents (Claude Code, Cursor, Copilot) as part of your default workflow, not as an experiment.

• Frameworks: Working knowledge of NIST CSF, CIS Controls, OWASP Top 10, and MITRE ATT&CK.

• Experience implementing cloud-native detection and monitoring

• Audit experience: SOC 2, ISO 27001, PCI, or similar.

• Hands-on experience with endpoint security, including EDR (e.g., CrowdStrike), local admin removal, and device management/hardening.

• Nice to have:

• Detection engineering and SOAR/automation experience at scale.

• IaC security: Terraform, CDK, or CloudFormation, plus CI/CD security gates and policy-as-code (OPA, Cedar).

• Container and Kubernetes (EKS) security.

• Multi-cloud exposure (GCP or Azure) in addition to AWS.

• Familiarity with AI/LLM security (OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF). Useful but not required.

• Certifications: AWS Security Specialty, CISSP, CCSP, GCIH, GCIA, GCFA, or OSCP.

• Built custom MCP servers, agent frameworks, or in-house security tooling.

• Open-source contributions to cloud security or detection engineering tooling.