Information Security Engineer

Hello, let us introduce ourselves!

We are watchTowr, a VC-backed cyber security startup helping organisations continuously discover vulnerabilities in their Internet-facing attack surface. Cyber security veterans and technical experts, we are obsessed with building cybersecurity technology to help prevent breaches.

With experience informed by years of simulating sophisticated cyber attacks against some of the world's largest organisations, our mission is to enable organisations to continuously understand how an attacker would successfully compromise their business - with cutting-edge Attack Surface Management and Continuous Automated Red Teaming technology.

watchTowr was named within Gartner’s Emerging Tech Impact Radar report in 2023, in Gartner's Innovation Impact report for ASM in 2024, and is utilised by Fortune 500 and other large enterprises globally. Our research is well-known and respected across the cybersecurity industry, and can be found in various news outlets - while fuelling the watchTowr Platform.

We are a young, high-energy and high-performing team delivering world-class technology to help our clients prevent breaches. We are in a high and aggressive growth phase of our journey, and are excited to continue adding colleagues to join our phorce of nature.

Our vision for offensive security is continuous.

 

But what’s the role?

We are looking for an ambitious colleague to join watchTowr as our first Information Security Engineer to manage and continuously evolve watchTowr’s internal cyber security capability. 

Although watchTowr’s first dedicated internal Info Sec role, as a cyber security company, watchTowr has built a strong internal cyber security posture and culture since day zero, maintained by several existing teams. This is demonstrated in numerous ways, including watchTowr’s ISO27001 and SOC 2 Type 2 certifications. As watchTowr enters another phase of significant growth, dedicated capability  is required to now focus on maintaining and continuing to evolve watchTowr’s existing cyber security posture.

 

Sounds great – what will I do?

• Support basic security configurations of firewalls, antivirus, and endpoint security tools.
• Help manage user access controls and permissions.
• Document incident reports and assist in the response process.
• Conduct routine security checks and vulnerability scans.
• Collaborate with teams to address minor vulnerabilities.
• Assist in maintaining security documentation and compliance checklists.
• Help ensure adherence to security policies and procedures.
• Support internal security awareness campaigns and training sessions.
• Promote cybersecurity best practices across the organization.
• Work with DevOps, and software teams to implement basic security measures.
• You will be involved in Implementing new security tools, technology and initiatives, undertaking project work as requested;
• Installation, configuration, upgrade and management of security technology;
• Day to day security operations of the global IT estate; monitoring, vulnerability assessment, scanning, compliance checking, controls validation;
• Definition, collation, automation, maintenance and reporting of security information, metrics and security status;
• Monitoring and analyses of networks, systems, devices and logs for security events, anomalies and information;
• Investigation and resolution of potential security incidents;
• Define, document, maintain and implement security baselines, standards, policy and procedures in conjunction with relevant IT teams;
• Automate compliance checking of agreed standards, policy and controls;

 

 

Sounds perfect to me, what specifics are you looking for?

Core Skills

• Scripting & Automation.
• MDM systems implementation.
• Vulnerability assessment, security log & event analysis, security metrics;
• Strong networking skills and knowledge;
• Windows, Linux and MacOS experience and proficiency;
• Security policy development;
• Incident response;
• Cloud Security & Orchestration / DevSevOps (AWS)

Advantages

• You’ve been an early stage member of a startup previously
• You thrive with empowerment and autonomy to fulfil your responsibilities in the best way you see fit.
• You continuously learn – whether it be the latest and best way of solving a programmatic challenge or diving headfirst into cyber security.

What’s in it for me?

• Meaningful mission - the work we do materially prevents our clients from being breached.
• Competitive compensation - we believe that hard work, skills and ambition should be fairly compensated.
• Meaningful role in a company - You will be a key and early contributor to a fast-growing cyber security business that helps protect some of the world's largest enterprises.
• Endless opportunities – we are in a high-growth phase of our journey, and plan to promote from within as we scale.
• Work with cyber security experts – we are solving cutting-edge industry-wide cyber security challenges with some of the world’s most advanced organisations.

Note: This role is a hybrid / remote role based in the UK. Unfortunately, we cannot currently sponsor visas for candidates outside of the UK.