Senior security engineer

Watershed is an enterprise sustainability platform that helps companies manage climate and ESG data. The Senior Security Engineer will lead product security initiatives, enhance secure software development practices, and manage security testing and incident response efforts.

Responsibilities:

• Drive product security vision, strategy, and best practices across product teams
• Lead security design reviews for new and existing products to identify potential security vulnerabilities in GCP and modern AI platforms
• Collaborate with engineering to manage and improve the secure software development stack and CI/CD pipeline in Github Actions
• Manage and enhance our bug bounty programs and third-party security testing
• Evaluate vulnerability reports, prioritize remediation, and communicate findings
• Design and build threat detection, monitoring, investigation, and response architectures on the Google SecOps platform
• Monitor and evaluate operational/security alerts
• Participate in investigations and incident response activities; build playbooks

Requirements:

• BS in computer science, information security, or a related field or equivalent experience
• 5-7+ years in security engineering
• Experience in growing & formalizing security programs
• Strong knowledge of GCP and Google SecOps / Security Center
• Deep understanding of threat modeling, risk management, and vulnerability assessment methodologies
• Proficiency in multiple programming languages and familiarity with secure coding practices and frameworks such as OWASP and CIS Controls (Was SANS Top 20)
• Hands-on experience with security tools and experience integrating automated security testing into CI/CD pipelines
• Excellent leadership, communication, and collaboration skills, with the ability to work effectively across diverse teams
• SaaS industry background