Come join Deepwatch’s team of world-class cybersecurity professionals and the brightest minds in the industry. If you're ready to challenge yourself with work that matters, then this is the place for you. We're redefining cybersecurity as one of the fastest growing companies in the U.S. – and we have a blast doing it!
Who We Are
Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud-based security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.
Our core values drive everything we do at Deepwatch, including our approach to tackling tough cyber challenges. We seek out tenacious individuals who are passionate about solving complex problems and protecting our customers. At Deepwatch, every decision, process, and hire is made with a focus on improving our cybersecurity solutions and delivering an exceptional experience for our customers. By embracing our values, we create a culture of excellence that is dedicated to empowering our team members to explore their potential, expand their skill sets, and achieve their career aspirations, which is supported by our unique annual professional development benefit.
Deepwatch recognition includes:
- 2023, 2022 and 2021 Great Place to Work® Certified
- 2023 and 2022 Forbes America’s Best Startup Employers
- 2023 and 2022 Fortress Cybersecurity Award
- 2023 $180M Series C investment from Springcoast Capital Partners, Splunk Ventures, and Vista Credit Partners of Vista Equity Partners
- 2022 Cigna Healthy Workforce Silver Designation
- 2022 Cybersecurity Excellence Award for MDR
Lead Solutions Engineer, Automation
This job is available to work in one of our hub locations: Tampa, FL; Denver, CO; DC metro area, CA (Bay area), Austin, TX and will be hybrid
Reporting directly to the Director of Engineering, Core Platform, the Lead Solutions Automation Engineer will lead efforts to automate and optimize security operations and incident response. This role is ideal for a seasoned technology leader with deep expertise in security operations and engineering, ready to revolutionize security response strategies using hyperautomation technologies. You will drive the design of advanced solutions, shape key architectural decisions, and ensure our systems remain resilient against emerging threats. Additionally, you will collaborate with stakeholders across the business to drive the strategic direction of key initiatives
In this role, you’ll get to:
- Lead the design and implementation of automation workflows and security solutions that not only enhance operational efficiency and response capabilities but also align with the broader strategic goals of the organization. This involves balancing short-term wins with long-term value creation, ensuring that automation efforts are scalable and sustainable.
- Coordinate closely with experienced security analysts and engineers to identify automation opportunities that offer the highest return on investment. Prioritize these opportunities based on their potential impact, the resources required, and the alignment with overall security and business objectives.
- Champion the integration of hyperautomation across all facets of our security operations while carefully evaluating the trade-offs between speed, cost, and complexity to ensure our automation strategy is flexible enough to adapt to evolving security threats and organizational needs.
- Engage with, mentor, and influence a diverse team of top-tier security professionals, fostering an environment of innovation, collaboration, and technical excellence.
- Develop and maintain integrations between Security Orchestration, Automation, and Response (SOAR)/hyperautomation platforms and various security tools, ensuring seamless operational continuity.
- Create and optimize complex scripts and playbooks in Python, Bash, or PowerShell to automate aspects of the incident response lifecycle.
- Diagnose and navigate the most complex security automation related challenges, setting standards for technical excellence and ensuring seamless collaboration with specialized teams such as CyberOps, EDR, Firewall, XDR, and VM.
- Lead the deployment and refinement of Security Automation solutions, maintaining their effectiveness and ensuring they adapt to the latest security threats and technologies.
- Produce detailed documentation and training materials to support the adoption and utilization of automated security solutions.
- Evaluate and optimize the performance of security automation implementations to ensure they deliver maximum efficiency and strategic value.
To be successful in this role, you’ll need to:
- Possess extensive experience and a deep understanding of security operations, incident response, and automation.
- Have considerable expertise in designing, implementing, and managing scalable and complex SOAR/hyperautomation solutions.
- Possess strong programming skills in Python, PowerShell, Bash, or Go, with a focus on security applications.
- Showcase profound expertise in cloud-native security, demonstrating the ability to design and implement robust security postures for cloud architectures, while understanding the unique challenges and opportunities they present.
- Demonstrate proficiency in integrating various security technologies like IDS/IPS, SIEM, EDR, and cloud security into SOAR/hyperautomation platforms.
- Have a solid grasp of threat modeling frameworks such as MITRE ATT&CK, Cyber Kill Chain and the Diamond Model.
- Champion threat intelligence analysis operations, workflows, and the strategic direction they should embrace.
- Be capable of automating and supporting threat intelligence analysis and operational workflows.
- Demonstrate excellent problem-solving abilities, capable of working both independently and as part of a collaborative team.
- Communicate effectively and liaise with stakeholders across different functions.
- Experience with torq is strongly preferred.
ITAR Compliance
This position will have access to customer data and as such is subject to International Traffic in Arms Regulations (ITAR). Upon application, candidates will be asked to confirm that they are a U.S. Person as defined by the following:
- A citizen of the U.S.;
- A lawful permanent resident of the United States;
- A person admitted to the United States as a refugee; or
- A person that has been granted asylum by the United States government.
The intent of this requirement is not to verify employment eligibility overall, but to ensure compliance with import/export regulations. If you do not meet these requirements, we encourage you to apply for other open roles at Deepwatch. This information will be verified upon offer of employment.
The salary range for this role is $160,000 to $240,000 + stock options + benefits. Actual compensation may vary from posted hiring range based upon geographic location, work experience, education, and/or skill level.
#LI-KH1
What We Offer:
Deepwatch is excited to provide benefits designed to support team members and their families. Including:
- Medical, dental, vision, and disability insurance
- Flexible Time Off (FTO), 9 company holidays, sick leave and 8-Weeks Paid Parental Leave
- Unique professional development benefits, starting at $3,000 annually
- Wellness contests and monthly educational programs
- 401(K) retirement program with employer match
- Learn more here: Deepwatch Benefits
We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you. Please review our DEI Statement here.
Deepwatch welcomes and encourages applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process. Please inform your recruiter or contact [email protected] for further information.
All Deepwatch employees are expected to:
- Be interested in and able to work remotely from a home office when not at a corporate office
- Pass a pre-employment background and drug screen in accordance with applicable laws
Deepwatch is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability status, marital status, sexual orientation, gender identity, genetic information, protected veteran status, or any other characteristic protected by law. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
By submitting your application, you agree that Deepwatch may collect your personal data for recruiting, global organization planning, and related purposes. The Deepwatch Privacy Policy explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over Deepwatch’s use of your personal information.
What We Do
Advanced managed detection and response to secure the distributed enterprise
Managed Detection & Response
Our Managed Detection and Response (MDR) Services provide 24/7/365 threat monitoring, alerting, validation and proactive threat hunting. We provide comprehensive management of a suite of best-in-class security technologies and tightly integrate those with our innovative cloud SecOps platform and Deepwatch IP and applications to deliver unparalleled outcomes. The result is that we only alert you to the most sophisticated security incidents. Merging our SecOps platform with relentless customer service, we’re redefining the way managed security services are delivered.
Our Approach
Deepwatch MDR cyber security delivers an innovative, white glove solution for maintaining an updated view of information security risks across your organization. We provide senior leaders, IT and security personnel with around-the-clock monitoring of your organization’s assets using event monitoring of logs, automated mapping of use case data (SOAR), automated response and human contextual analysis, incident alerting and response, incident case management and threat hunting. What’s more, we assign a named Deepwatch team of experts to each customer — known as our Squad Model. This model ensures continuity in context, providing seamless coverage of all aspects of monitoring our customers’ security operations.
Customers build strong relationships with our team, and know who to call for support, collaboration, and to resolve issues. As a result, we are hyper responsive and we partner closely with you to continually enhance your security posture and network defenses.
Endpoint Detection and Response Management
Complete solution for your security operations from endpoints to SIEM
Unified visibility, detection, and remediation of threats with best-in-class endpoint detection and response (EDR) technologies integrated with one cybersecurity platform.
Vulnerability Management
Your business is only as strong as your security posture. Our continuous Vulnerability Management Services serve as a baseline for us to collaborate to discover the critical assets, threats and vulnerabilities relevant to your organization. Deepwatch provides the people, process and technologies to fully or partially administer vulnerability management programs that fit your unique needs and requirements.
Why Work With Us
Our collaborative culture and remarkable growth provide limitless opportunities to grow personally and professionally while enjoying what you do. Our unique, fully remote (from inception) work environment is developed with employee needs in mind, giving you the flexibility and benefits to take your cybersecurity career where you want.