CrawlJobs Logo
Whoop Logo Whoop · IT - Administration

Senior Information Security Engineer

United States, Boston 150000.00 - 190000.00 USD / Year · Job Posted December 13, 2025
Apply Position
Job Link Share

Job Description

Serve as a technical leader in our Security team reporting to our Information Security Manager. In this role, you will drive the deployment and continuous enhancement of controls that protect millions of users’ biometric and health data, build scalable defenses across our infrastructure and applications, and lead incident response efforts with visibility across the business. This is an opportunity to have direct impact at scale, working alongside engineers, product teams, and executives to drive forward-looking security strategies.

Job Responsibility

  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes

Requirements

  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards

Nice to have

Familiarity with compliance and risk frameworks relevant to health and AI (SOC 2, ISO 27001, PCI, GDPR, FTC guidance, HIPAA-adjacent state laws)

What we offer

  • competitive base salaries
  • meaningful equity
  • generous equity package
Whoop - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Information Security Engineer

8 matching positions

Senior Information Security Engineer

Mastercard is seeking candidates to join the Data Protection team with a focus o...
Location
Location
Ireland , Dublin 18
Salary
Salary:
Not provided
mastercard.com Logo
Mastercard
Expiration Date
October 10, 2026
Flip Icon
Requirements
Requirements
  • Experience operating or designing security governance or enforcement programs in large, complex environments
  • Strong understanding of information security, data protection, and risk management, particularly as applied to SaaS and third party technologies
  • Demonstrated ability to make and defend risk based decisions that balance security, policy, and business impact
  • Experience working cross functionally with Legal, Privacy, Compliance, and Technology teams
  • Ability to clearly document decisions and articulate technical and business impact to diverse audiences
  • Strong verbal and written communication skills, including executive ready summaries
  • Demonstrated technical competency in security engineering through hands on experience or relevant qualifications
  • Design and implement data models and analytics frameworks to support Shadow IT blocking decisions, escalation tracking, and governance reporting
  • Develop automated processes and dashboards to provide visibility into blocking activity, unblock requests, escalation outcomes, and trend analysis
  • Evaluate and integrate data sources (e.g., SaaS discovery tools, cloud telemetry, intake systems) to ensure accurate and timely Shadow IT decisioning data
Job Responsibility
Job Responsibility
  • Contribute to the execution of the Shadow IT and Data Protection roadmap, with primary ownership of enforcement, escalation, and governance processes
  • Develop and maintain a Shadow IT blocking strategy framework for unapproved applications, including: Blocking criteria and decision thresholds, Risk scoring aligned to data sensitivity, access, and exposure, Defined escalation paths for exceptions and high impact cases
  • Document all blocking decisions with clear business justification, technical impact assessment, and alignment to security and data protection policy
  • Establish and maintain communication protocols to notify stakeholders of application blocks, including timelines, approved alternatives, and available support resources
  • Manage unblock requests and escalations and exception processing, coordinating with Security Operations and business stakeholders to evaluate risk and determine outcomes
  • Partner with application, platform, and business teams to define paths to compliance, including remediation, onboarding to approved services, or decommissioning
  • Track and report Shadow IT metrics, including blocking trends, unblock volumes, escalation outcomes, incidents, and stakeholder satisfaction
  • Work side by side with other team members to build and mature the Shadow IT governance process, while taking lead ownership of defined processes such as: Escalations and exception handling, Cross functional coordination, Technical impact assessment, Policy alignment and enforcement
  • Build and operationalize a next generation Shadow IT governance model that provides transparency, consistency, and defensibility across the enterprise
  • Develop a way to automatically tag approved apps
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

We are seeking a Senior Security Engineer to design, build, and maintain critica...
Location
Location
Spain , Madrid
Salary
Salary:
Not provided
onetrust.com Logo
OneTrust
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BA/BS in Computer Science, Engineering, Mathematics, or a related field
  • 4+ years of security engineering or related security experience
  • 3+ years of cloud experience
  • Solid understanding of information security principles around confidentiality, integrity, and availability
  • Experience with logging platforms such as Splunk or similar tools
  • Experience with endpoint security platforms (e.g., CrowdStrike, SentinelOne, traditional AV)
  • Scripting proficiency in one or more: Unix/Shell, Python, Golang, Rust, PowerShell
  • Experience with IaC tools such as Terraform or CloudFormation
  • Strong organizational, analytical, and problem-solving skills
  • Ability to make sound decisions in a complex, fast-changing environment
Job Responsibility
Job Responsibility
  • Design, build, scale, and maintain core security infrastructure and controls
  • Respond to security tickets requiring engineering-level configuration changes or enhancements
  • Assist with the investigation and remediation of security incidents
  • Serve as a Security SME for secure cloud infrastructure
  • Provide guidance and feedback on cloud and hybrid security solutions
  • Partner with internal teams to provide security requirements for key initiatives
  • Conduct POCs and collaborate with vendors to evaluate and recommend solutions
  • Implement new security technologies as part of project-based initiatives
  • Communicate project and issue status to management and business stakeholders
  • Create and maintain documentation for security projects and processes
What we offer
What we offer
  • comprehensive healthcare coverage
  • flexible PTO
  • equity RSUs
  • annual performance bonus opportunities
  • retirement account support
  • 14+ weeks of paid parental leave
  • career development opportunities
  • company-paid privacy certification exam fees
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

The Sr. Information Security Engineering job collaborates with various business ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security or IT Technology
  • 3+ years of experience leading complex enterprise-wide integration programs and efforts as an individual contributor
  • 3+ years of engineering experience with vulnerability management tools such as Nexpose, Tenable
  • 3+ years of engineering experience with operating systems such as Linux and Windows Server
  • 2+ years of self-leadership experience
  • 2+ years of experience writing Python, GRAPH (GQL)
  • 2+ years of experience working with services in AWS, GCP, OCI, and Azure
Job Responsibility
Job Responsibility
  • Provides operations and engineering support for critical security systems and services including servers, endpoint security, computer forensics, vulnerability/penetration assessment/mitigation, and security event management
  • Leads the cost/benefit evaluation of cloud solutions compared to virtual private networks, dedicated hosting, and in-house solutions
  • Reviews technical feasibility of adopting external cloud based IT platform and infrastructure services within the organization
  • Leads the identification of portions of the organization's IT platform/infrastructure with the highest potential return for cloud deployment
  • Facilitates implementation of the organization's global strategies and initiatives to enhance Information Technology plans, operations and procedures
  • Ensures the execution of vulnerability analysis and exploitation of applications, operating systems and networks
  • Reports identified intrusion or incident paths and methods discovered through testing and evaluation procedures
  • Designs, develops and implements countermeasures, systems integration and tools specific to cyber and information operations
  • Resolves and documents complex malware and intrusion issues within the system as they occur
  • Functions as an internal information security consultant on the standards, complex issues and best practices for the organization
Read More
Arrow Right

Senior Information Security Engineer

At Qualia, we've built the leading B2B real estate technology that transforms th...
Location
Location
United States
Salary
Salary:
180000.00 - 200000.00 USD / Year
qualia.com Logo
Qualia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 4+ years of professional information security experience, with both a strong defensive foundation and familiarity with offensive techniques
  • Genuine curiosity about how systems work and how they break
  • The ability to write code—whether it's a quick automation script or a more substantial detection tool
  • Hands-on experience with: Security operations tooling (e.g., SIEMs, IDS/IPS, WAFs, log monitoring platforms)
  • Core IT domains, including endpoint management, networking, web applications, and cloud infrastructure
  • Identity and access management concepts (e.g., SSO, MFA, role-based access controls)
  • Navigating the security implications of emerging technologies—including AI and large language models—as the company evaluates and adopts new tools
  • Security automation and orchestration: experience connecting tools, writing integrations, or building workflows that reduce response times and manual effort
  • Penetration testing tools (e.g., Nmap, Nessus, Metasploit, Burp Suite, or similar)
  • The ability to translate complex security concepts into clear, actionable language for technical and non-technical audiences alike
Job Responsibility
Job Responsibility
  • Partner with stakeholders across the business to identify gaps and strengthen Qualia's security posture
  • Uncover security weaknesses in technologies and processes through threat modeling, security assessments, and the development of practical security baselines
  • Build and operate tooling across the full security lifecycle: prevention, detection, investigation, and response
  • Evaluate the security posture of cloud environments, including reviewing configurations, monitoring for drift, and ensuring alignment with organizational security baselines
  • Serve as a point of escalation for customer-reported security concerns, triaging issues, communicating clearly with affected parties, and driving issues to resolution
  • Triage and reproduce vulnerability findings from penetration tests, internal tooling, and external reports—and communicate associated risk clearly to the right audiences
  • Scale security impact through automation and education, making the whole organization more security-aware
What we offer
What we offer
  • competitive equity and benefits package
  • comprehensive health plans
  • a 401k program
  • commuter benefits
  • professional development
  • parental leave
  • a flexible time off policy
  • robust online onboarding program
  • biweekly all hands meetings
  • a variety of internal virtual events to keep employees connected
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

This role is your opportunity to lead the charge in maturing e2Open’s security p...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record in SIEM operations, vulnerability management, and incident response
  • Hands-on experience configuring and running security tools
  • Strong automation skills (e.g., scripting, orchestration)
  • The ability to lead through influence, guiding teams to adopt better practices
  • Experience navigating the challenges of complex, fast-changing environments (M&A exposure a plus)
  • Formal qualifications (CISSP, CISM, or equivalent) are valued
Job Responsibility
Job Responsibility
  • Configure, tune, and operate SIEM platforms to improve detection, response, and visibility
  • Lead vulnerability scanning and remediation
  • Take point in managing security incidents — from detection through investigation and resolution
  • Run and maintain key security tools
  • Drive automation-first approaches
  • Collaborate with engineering and IT teams to embed security into operations and culture
  • Help shape the roadmap for security maturity within e2Open
Read More
Arrow Right

Senior Information Security Engineer - CTFC

Wells Fargo is seeking a Senior Information Security Engineer.
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
June 29, 2026
Flip Icon
Requirements
Requirements
  • 4+ years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
  • 4+ years of hands-on experience in Cyber Security, with a strong focus on Security Operations
  • 4+ years of experience working with enterprise SIEM platforms, preferably Splunk, including use case development, log analysis, and alert tuning
  • Solid understanding of cybersecurity frameworks and methodologies, including the Cyber Kill Chain, MITRE ATT&CK, and NIST frameworks
  • Proven experience in Security Incident Response, including detection, investigation, containment, mitigation, and remediation processes
  • Advanced knowledge of networking concepts, protocols, and security standards, along with deep understanding of Linux/Unix and Windows OS internals and system configurations
  • Strong analytical and problem-solving skills, with the ability to correlate events and identify potential threats across diverse environments
  • Bachelor’s and/or Master’s degree in computer science, Information Systems, or a related field
  • Industry-recognized certifications such as CHFI, OSCP, CEH, or equivalent are highly preferred
  • Experience with SOAR platforms (e.g., XSOAR), threat intelligence integration, and automation/orchestration is an added advantage
Job Responsibility
Job Responsibility
  • Lead or participate in computer security incident response activities for moderately complex events
  • Conduct technical investigation of security related incidents and post incident digital forensics to identify causes and recommend future mitigation strategies
  • Provide security consulting on medium projects for internal clients to ensure conformity with corporate information, security policy, and standards
  • Design, document, test, maintain, and provide issue resolution recommendations for moderately complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security
  • Review and correlate security logs
  • Utilize subject matter knowledge in industry leading security solutions and best practices to implement one or more components of information security such as availability, integrity, confidentiality, risk management, threat identification, modeling, monitoring, incident response, access management, and business continuity
  • Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives
  • Collaborate and consult with peers, colleagues and managers to resolve issues and achieve goals
  • Monitor, triage, and investigate security alerts, ensuring timely and effective case handling and resolution
  • Conduct detailed security investigations, performing analysis, correlation, and validation of potential threats
  • Fulltime
!
Read More
Arrow Right

Senior Information Security Engineer (SOC)

We are looking for a Senior SOC Engineer to strengthen our Security Operations c...
Location
Location
Qatar , Doha
Salary
Salary:
Not provided
qic.digital Logo
QIC digital hub
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security as an L2/L3 SOC Analyst/Engineer with strong focus on Incident Response
  • Strong understanding of the incident lifecycle, detection engineering, and response escalation
  • Hands-on experience with SIEM/SOAR platforms (e.g., Splunk, Sentinel, Chronicle, QRadar, Wazuh)
  • Experience conducting security investigations and root cause analysis, as well as documenting those
  • Understanding of common log sources (network, endpoint, identity, application)
  • Experience developing detection rules and playbooks (Sigma, KQL, YAML, etc.)
  • Knowledge of ISO 27001 standards, MITRE ATT&CK and threat intelligence practices
  • Basic scripting or automation skills (Python or Bash)
  • Strong documentation, communication, and cross-team collaboration skills
Job Responsibility
Job Responsibility
  • Define and continuously improve security processes, procedures, and incident response playbooks
  • Optimize security event and log collection based on risk and detection relevance
  • Oversee and improve incident response workflows through post-incident analysis and lessons learned
  • Collaborate with L1-L2 security team members to expand detection coverage and develop new use cases
  • Participate in major security incident investigations, providing technical analysis and remediation guidance
  • Standardize automation and orchestration across SIEM, SOAR, EDR and related tools
  • Ensure alignment of security operations with security policies and frameworks (ISO 27001, NIST, MITRE ATT&CK)
  • Review security architecture for cloud and on-prem environments and recommend improvements
  • Lead investigation and response for high and critical severity incidents
  • Track remediation actions and ensure closure of identified security gaps
What we offer
What we offer
  • Extra paid leave
  • Language classes
  • Meeting with experts
  • Professional development
  • QIC running club
  • Relocation support
  • Remote health insurance
  • Tax consultations
  • Travel discounts
  • USD, EUR, or AED salary payouts
  • Fulltime
Read More
Arrow Right

Information Security Senior Engineer

To lead the organisation’s security assurance and standards capability. The role...
Location
Location
United Kingdom , Coventry
Salary
Salary:
70000.00 - 78000.00 GBP / Year
the-mtc.org Logo
Manufacturing Technology Centre
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in information security assurance, governance or audit‑facing security roles
  • Strong understanding of network security principles and the ability to challenge and validate technical designs
  • Led enterprise classification approach, technically and assured
  • Demonstrable experience supporting customer audits and completing security questionnaires & bid assurance responses
  • Ability to produce clear, evidence‑led documentation that stands up to scrutiny
  • Strong influencing and communication skills
  • Self‑starting approach with high ownership
Job Responsibility
Job Responsibility
  • Own the interpretation and day‑to‑day operation of relevant standards and assurance frameworks (Defence, CE/CE+)
  • Maintain an evidence library and control narratives suitable for customer audits and formal assessments
  • Lead responses to customer security audit requests and new business Security Assurance Questionnaires (SAQs), working closely with technical colleagues
  • Strengthen the organisation’s network security assurance capability: challenge designs, validate controls, and support secure integration into enterprise facilities
  • Coordinate internal assurance activities supporting annual Cyber Essentials Plus including readiness reviews, remediation tracking and evidence pack quality
  • Support incident response governance: ensure playbooks, communications templates and post‑incident learning are maintained
  • Contribute to the cyber security communications channel: support awareness campaigns, targeted briefings and lessons‑learned messaging
  • Support the maintenance of ITSM, and address security governance and design related tickets
  • Play an active role in maintaining & contributing to Security related Dev Ops
What we offer
What we offer
  • Excellent Pension Scheme
  • Flexible Working
  • Fulltime
Read More
Arrow Right