ClawJobs
ClawJobs
Back to all jobs
D

Senior Security Engineer

DISQO|Data
Los Angeles, CA
full-timeEngineering
Apply for this position

Job Description

DISQO’s mission is to build the world’s most trusted ad measurement platform that fuels brand growth.
The world’s largest brands, agencies, and media companies trust DISQO for expert insight and AI-driven intelligence about their advertising performance across all platforms. We capture people’s sentiments and journeys, connecting them with the brands they value and the media they consume. With this identity-based approach, brands gain more accurate and authentic insight so they can create more meaningful interactions.

Joining DISQO Nation means becoming part of a community that champions speed, innovation, and continuous growth. We invest deeply in our talent, empowering our teams to reach their highest potential. Together, we are shaping the future of work at DISQO—defined by performance, purpose, and impact.

We show up each day with curiosity and ambition, committed to learning, accelerating growth, and making a lasting difference. Grounded in our values and principles, we lead and collaborate to elevate performance, accountability, and excellence at every level of the organization. And through it all, we make sure to have fun along the way.

DISQO is hiring a Senior Security Engineer to take definitive ownership of our comprehensive security posture, encompassing both AWS cloud and endpoint security. This critical role leads day-to-day security operations across our platform, which includes a high-throughput AWS environment that processes billions of measurement signals. We rely heavily on AI-assisted tooling to enable a small, effective security team.

This is a hands-on individual contributor role. You will harden our AWS footprint, run detection and incident response, and build automations that turn repetitive security work into code. You will be expected to use AI coding agents (Claude Code, Cursor, or similar) as part of your default workflow.

You will report to the Director of Platform and partner closely with Engineering, IT, Product, and Legal. No direct reports. You influence through designs, code, reviews, and the systems you ship.

Position Summary:

As Senior Security Engineer, you are the technical owner of DISQO's security posture, encompassing both cloud and endpoint environments. You set the technical bar for security and security operations, driving the implementation of Zero Trust principles across our infrastructure and employee devices. On the cloud side, you own AWS identity, network, data, and account-level controls. On the operations side, you manage detection engineering, alert triage, incident response, and vulnerability management. As an AI-enabled engineer, you leverage coding agents and automation to build tools, agents, and integrations that compress manual toil into seconds, scaling the security practice.

You will work with autonomy on cross-functional initiatives, drive architectural decisions for security-critical systems, and help build a forward-leaning, AI-native security practice.

What you will do:

  • AWS Cloud Security:

  • Own the security posture of our AWS environment: IAM, networking, encryption, KMS, secrets management, and multi-account governance.

  • Operate AWS-native security services: GuardDuty, Security Hub, Config, IAM Access Analyzer, Macie, Inspector, CloudTrail, and Control Tower.

  • Design and review secure-by-default patterns for new services. Provide security guidance on Terraform, CloudFormation, and CDK changes.

  • Drive identity, network, and data perimeter strategy. Reduce blast radius and enforce least privilege across accounts.

  • Harden container, serverless, and Kubernetes (EKS) workloads where they touch sensitive data.

  • Security Operations:

  • Run day-to-day SecOps: detection engineering, alert triage, threat hunting, and incident response.

  • Tune and operate the SIEM, SOAR, and EDR stack (e.g., CrowdStrike). Author and maintain detections as code.

  • Drive the implementation of Zero Trust principles and manage endpoint security for employee devices, including local admin removal for employees handling customer data.

  • Lead incident response end-to-end: containment, forensics, root cause, customer comms, and blameless postmortems.

  • Run vulnerability management and patching cadence; track and drive remediation SLAs.

  • Build runbooks, on-call playbooks, and tabletop exercises that keep the team sharp.

  • AI-Enabled Engineering:

  • Use AI coding agents (Claude Code, Cursor, Copilot, or similar) daily to accelerate security engineering work.

  • Build automations and small services that turn manual security work into repeatable, code-defined workflows.

  • Apply AI to scale Tier-1 triage, alert enrichment, IR draft communications, and detection content authoring.

  • Help shape security guardrails for AI tooling and AI-related workloads as they emerge in our stack.

  • Governance, Risk & Compliance:

  • Support SOC 2 Type I/II and similar audits: evidence collection, control mapping, and customer questionnaire response.

  • Run third-party and vendor security assessments.

  • Manage security awareness training and the anti-phishing program.

  • Manage relationships and contracts with security vendors (MSSP, EDR, WAF, vulnerability management, etc.).

  • Cross-functional Partnership:

  • Champion the DevSecOps mindset and foster a security-first culture across engineering teams.

  • Be the go-to technical reviewer for new product surfaces, infrastructure designs, and data flows.

  • Partner with Legal and Privacy on regulatory requirements, control implementation, and audit readiness.

  • Mentor engineers on secure coding, threat modeling, and cloud security best practices.

What we're looking for:

  • Required:

  • Experience: 6+ years in cloud security, security operations, or infrastructure security, with hands-on production experience (not policy-only).

  • AWS Depth: Strong working knowledge of AWS security: IAM, VPC, KMS, GuardDuty, Security Hub, CloudTrail, Config, and multi-account governance.

  • Security Operations: Hands-on security incident response experience. You have led real investigations, written postmortems, and tuned detections in a SIEM/SOAR.

  • Coding Ability: Comfortable scripting and building small services in Python, Go, or similar. You ship automation, not just tickets.

  • AI-Enabled Workflow: Use AI coding agents (Claude Code, Cursor, Copilot) as part of your default workflow, not as an experiment.

  • Frameworks: Working knowledge of NIST CSF, CIS Controls, OWASP Top 10, and MITRE ATT&CK.

  • Experience implementing cloud-native detection and monitoring

  • Audit experience: SOC 2, ISO 27001, PCI, or similar.

  • Hands-on experience with endpoint security, including EDR (e.g., CrowdStrike), local admin removal, and device management/hardening.

  • Nice to have:

  • Detection engineering and SOAR/automation experience at scale.

  • IaC security: Terraform, CDK, or CloudFormation, plus CI/CD security gates and policy-as-code (OPA, Cedar).

  • Container and Kubernetes (EKS) security.

  • Multi-cloud exposure (GCP or Azure) in addition to AWS.

  • Familiarity with AI/LLM security (OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF). Useful but not required.

  • Certifications: AWS Security Specialty, CISSP, CCSP, GCIH, GCIA, GCFA, or OSCP.

  • Built custom MCP servers, agent frameworks, or in-house security tooling.

  • Open-source contributions to cloud security or detection engineering tooling.

About DISQO

First seen: May 1, 2026
Last updated: May 1, 2026