Information Security Engineer

Hello, let us introduce ourselves!

We are watchTowr, a VC-backed cyber security startup helping organisations continuously discover vulnerabilities in their Internet-facing attack surface. Cyber security veterans and technical experts, we are obsessed with building cybersecurity technology to help prevent breaches.

With experience informed by years of simulating sophisticated cyber attacks against some of the world's largest organisations, our mission is to enable organisations to continuously understand how an attacker would successfully compromise their business—with cutting-edge Attack Surface Management and Continuous Automated Red Teaming technology.

watchTowr was named within Gartner’s Emerging Tech Impact Radar report in 2023, in Gartner's Innovation Impact report for ASM in 2024, and is utilised by Fortune 500 and other large enterprises globally. Our research is well-known and respected across the cybersecurity industry and can be found in various news outlets—while fuelling the watchTowr Platform.

We are a young, high-energy, and high-performing team delivering world-class technology to help our clients prevent breaches. We are in a high and aggressive growth phase of our journey and are excited to continue adding colleagues to join our phorce of nature.

Our vision for offensive security is continuous.

 

But what’s the role?

We are seeking an ambitious Information Security Engineer to join our Platforms team to focus on our internal security programme.

 

Sounds great—what will I do?

This role involves:

• Security Architecture in the Cloud: Designing and implementing secure cloud infrastructures, ensuring robust protection against potential threats.

• Endpoint Management and Administration: Overseeing the deployment, configuration, and maintenance of endpoint security solutions to safeguard all devices within the organisation.

• Vulnerability Assessment and Management: Conducting regular vulnerability assessments, analysing findings, and coordinating remediation efforts to enhance our security posture.

• Implementation of Security Controls: Deploying security measures that not only meet compliance requirements but also proactively address emerging threats.

• Security Awareness Assessments: Evaluating and enhancing the security awareness of our team members through targeted assessments and training initiatives.

 

Sounds perfect to me—what specifics are you looking for?

Ideal Experience

Ideally, you should have at least 5 or more years of experience:

• Cloud Security: Proven expertise in securing cloud platforms (AWS), including the design and implementation of security architectures and controls.

• Endpoint Security: Hands-on experience with endpoint protection solutions, ensuring devices are safeguarded against potential threats.

• Vulnerability Management: Proficiency in conducting vulnerability assessments using industry-standard tools and methodologies, and managing remediation processes.

• Compliance and Security Controls: Familiarity with implementing security controls aligned with frameworks such as ISO 27001, NIST, or CIS, and adapting them to meet organisational needs.

• Automation and Scripting: Possess skills in automating security tasks using scripting languages such as Python or PowerShell to enhance efficiency.

• Security Training and Awareness: Experience in developing and conducting security awareness programs to educate staff on best practices and emerging threats.

 

Bonus Experience

It’ll also be awesome if you:

• Incident Response: Have experience in developing and executing incident response plans, including conducting post-incident analyses and implementing improvements.

• Certifications: Hold relevant certifications such as CISSP, CISM, demonstrating a commitment to professional development in the field of information security.

 

Our Experience

When you join us, you can expect (ok, we kinda expect this from you too):

• A highly motivated team that obsesses over our shared mission.

• To be part of a team of outcome-focused problem-solvers.

• An environment of autonomy and creativity to support you to deliver the best work of your life.

• A culture of continuous improvement in the form of learning and growth.

What’s in it for me?

• Competitive compensation: We believe that hard work, skills, and ambition should be fairly compensated.

• Meaningful role in a company: You will be a key and early contributor to a fast-growing cyber security business that helps protect some of the world's largest enterprises.

• The best tools and powerful kit: We enable you with the tools to effectively fulfil your role.

• Endless opportunities: We are in a high-growth phase of our journey and plan to promote from within as we scale.

• Work with cyber security experts: We are solving cutting-edge industry-wide cyber security challenges with some of the world’s most advanced organisations.

• Work hard, play hard: We work hard together, but we also have fun together. On Fridays, we regularly turn on the speakers, open the beer fridge, and prepare for the weekend.

 

Note: This role is a hybrid / remote role based in the UK. Unfortunately, we cannot currently sponsor visas for candidates outside of the UK.