Job Description
DISQO is hiring a Senior Security Engineer to take definitive ownership of our comprehensive security posture encompassing both AWS cloud and endpoint security. This critical role leads day-to-day security operations across our platform which includes a high-throughput AWS environment that processes billions of measurement signals. We rely heavily on AI-assisted tooling to enable a small effective security team.
This is a hands-on individual contributor role. You will harden our AWS footprint run detection and incident response and build automations that turn repetitive security work into code. You will be expected to use AI coding agents (Claude Code Cursor or similar) as part of your default workflow.
You will report to the Director of Platform and partner closely with Engineering IT Product and Legal. No direct reports. You influence through designs code reviews and the systems you ship.
Position Summary:
As Senior Security Engineer you are the technical owner of DISQO's security posture encompassing both cloud and endpoint environments. You set the technical bar for security and security operations driving the implementation of Zero Trust principles across our infrastructure and employee devices. On the cloud side you own AWS identity network data and account-level controls. On the operations side you manage detection engineering alert triage incident response and vulnerability management. As an AI-enabled engineer you leverage coding agents and automation to build tools agents and integrations that compress manual toil into seconds scaling the security practice.
You will work with autonomy on cross-functional initiatives drive architectural decisions for security-critical systems and help build a forward-leaning AI-native security practice.
What you will do:
- AWS Cloud Security:
Own the security posture of our AWS environment: IAM networking encryption KMS secrets management and multi-account governance.
Operate AWS-native security services: GuardDuty Security Hub Config IAM Access Analyzer Macie Inspector CloudTrail and Control Tower.
Design and review secure-by-default patterns for new services. Provide security guidance on Terraform CloudFormation and CDK changes.
Drive identity network and data perimeter strategy. Reduce blast radius and enforce least privilege across accounts.
Harden container serverless and Kubernetes (EKS) workloads where they touch sensitive data.
- Security Operations:
Run day-to-day SecOps: detection engineering alert triage threat hunting and incident response.
Tune and operate the SIEM SOAR and EDR stack (e.g. CrowdStrike). Author and maintain detections as code.
Drive the implementation of Zero Trust principles and manage endpoint security for employee devices including local admin removal for employees handling customer data.
Lead incident response end-to-end: containment forensics root cause customer comms and blameless postmortems.
Run vulnerability management and patching cadence; track and drive remediation SLAs.
Build runbooks on-call playbooks and tabletop exercises that keep the team sharp.
- AI-Enabled Engineering:
Use AI coding agents (Claude Code Cursor Copilot or similar) daily to accelerate security engineering work.
Build automations and small services that turn manual security work into repeatable code-defined workflows.
Apply AI to scale Tier-1 triage alert enrichment IR draft communications and detection content authoring.
Help shape security guardrails for AI tooling and AI-related workloads as they emerge in our stack.
- Governance Risk & Compliance:
Support SOC 2 Type I/II and similar audits: evidence collection control mapping and customer questionnaire response.
Run third-party and vendor security assessments.
Manage security awareness training and the anti-phishing program.
Manage relationships and contracts with security vendors (MSSP EDR WAF vulnerability management etc.).
- Cross-functional Partnership:
Champion the DevSecOps mindset and foster a security-first culture across engineering teams.
Be the go-to technical reviewer for new product surfaces infrastructure designs and data flows.
Partner with Legal and Privacy on regulatory requirements control implementation and audit readiness.
Mentor engineers on secure coding threat modeling and cloud security best practices.
What we're looking for:
- Required:
Experience: 6+ years in cloud security security operations or infrastructure security with hands-on production experience (not policy-only).
AWS Depth: Strong working knowledge of AWS security: IAM VPC KMS GuardDuty Security Hub CloudTrail Config and multi-account governance.
Security Operations: Hands-on security incident response experience. You have led real investigations written postmortems and tuned detections in a SIEM/SOAR.
Coding Ability: Comfortable scripting and building small services in Python Go or similar. You ship automation not just tickets.
AI-Enabled Workflow: Use AI coding agents (Claude Code Cursor Copilot) as part of your default workflow not as an experiment.
Frameworks: Working knowledge of NIST CSF CIS Controls OWASP Top 10 and MITRE ATT&CK.
Experience implementing cloud-native detection and monitoring
Audit experience: SOC 2 ISO 27001 PCI or similar.
Hands-on experience with endpoint security including EDR (e.g. CrowdStrike) local admin removal and device management/hardening.
- Nice to have:
Detection engineering and SOAR/automation experience at scale.
IaC security: Terraform CDK or CloudFormation plus CI/CD security gates and policy-as-code (OPA Cedar).
Container and Kubernetes (EKS) security.
Multi-cloud exposure (GCP or Azure) in addition to AWS.
Familiarity with AI/LLM security (OWASP LLM Top 10 MITRE ATLAS NIST AI RMF). Useful but not required.
Certifications: AWS Security Specialty CISSP CCSP GCIH GCIA GCFA or OSCP.
Built custom MCP servers agent frameworks or in-house security tooling.
Open-source contributions to cloud security or detection engineering tooling.
What the Team is Saying






What We Do
DISQO’s mission is to build the world’s most trusted ad measurement platform that fuels brand growth. The world’s largest brands agencies and media companies trust DISQO for expert insight and AI-driven intelligence about their advertising performance across all platforms. We capture people’s sentiments and journeys connecting them with the brands they value and the media they consume. With this identity-based approach brands gain more accurate and authentic insight so they can create more meaningful interactions. Founded in 2015 and headquartered in Los Angeles DISQO is recognized as a hyper-growth tech startup and one of the best places to work in the US with more than 270 team members globally. Follow @DISQO on LinkedIn and Twitter/X.
Why Work With Us
At DISQO we don’t just hire talent—we champion it. We unlock potential fuel growth and raise the bar. Our culture thrives on curiosity creativity and courage. Respect is non-negotiable collaboration is instinctive and impact is expected. Here you grow lead and redefine what’s possible.
Gallery
DISQO Offices
Hybrid Workspace
Employees engage in a combination of remote and on-site work.
In 2023 we implemented a structured hybrid model for employees who live within 50 miles of any of our physical offices (Glendale CA/New York NY/Yerevan Armenia). All other employees are encouraged to visit offices.
Similar Jobs
DISQO
Business Development Representative
Explore More
Date Posted
05/01/2026
Views
0
Similar Jobs
Senior Principal FPGA Verification Engineer - $15K Sign-On Bonus -
Views in the last 30 days - 0
View DetailsSenior Platform Engineer - Database Administration (AWS Focus) -
Views in the last 30 days - 0
View DetailsSenior Strategic Account Executive, Existing Accounts- East or Central Region -
Views in the last 30 days - 0
View DetailsSecurity Testing Specialist Sr - Tuesday - Saturday - 11pm - 7am MST -
Views in the last 30 days - 0
View Details