Wattpad

[Wattpad] Senior Security Engineer

Job Description

As a Sr. Security Engineer, you’ll be working closely with the Engineering, Data, and Product teams to embed security into the evolution of our systems. You will play a pivotal role in protecting our organization's data, systems, and networks while ensuring our engineering velocity remains high.

As a senior member of the Security Team, you will work to drive the security vision for the department and will be responsible for influencing thinking across multiple teams to improve how we build secure software in general.

Wattpad runs on a large distributed system that handles tens of thousands of requests every second. You’ll be securing our AWS cloud infrastructure and helping us mature our application security program. Our security stack relies on AWS Security Hub, GuardDuty, and WAF for infrastructure protection, while leveraging Datadog and Splunk for observability and threat detection. We are heavily invested in infrastructure-as-code using Terraform and are looking to automate security workflows using Python and GitHub Actions.



What You'll Do:
  • Designing, implementing, and monitoring security controls in our AWS cloud infrastructure to balance protection with scalability.
  • Influencing the technical direction of the Engineering & Data department by introducing secure development practices and threat modeling.
  • Acting as a force multiplier by building security automation workflows and "guardrails" that allow teams to ship code safely and quickly.
  • Directly solving complex security challenges, including incident response, root cause analysis, and remediation of vulnerabilities.
  • Assisting teams in implementing access management and compliance controls, compliance (SOC 2/ISO 27001), and risk governance.
  • Building and maturing our application security program, partnering with engineering teams to triage findings from our Vulnerability Disclosure Program.
  • Collaborating with engineers on implementing security best practices to help raise the security bar across the organization.

    • Required Qualifications:
  • 5+ years of work experience in SecOps, Cloud Security, DevSecOps, or similar security-focused role
  • AWS security expertise: Hands-on experience with Security Hub, GuardDuty, Inspector, AWS WAF, and IAM policy management
  • SIEM experience highly desirable: Datadog, Splunk, or similar platforms (query development, alert tuning, incident investigation)
  • Proficiency with infrastructure-as-code security: Terraform, CloudFormation, or similar
  • Experience with containers and Kubernetes (EKS preferred) including security hardening
  • Strong scripting and automation skills: Python, Bash, PowerShell
  • Experience securing CI/CD pipelines (GitHub Actions strongly preferred)
  • Familiarity with MITRE ATT&CK and D3FEND frameworks
  • Understanding of enterprise and cloud network security architecture and controls
  • SOC 2 and/or ISO 27001 compliance experience
  • Self-starter comfortable with ambiguity - ability to define and execute on loosely-scoped problems
  • Balanced communication style - proactive collaborator when needed, deep-focus engineer when required
  • Excellent written and verbal communication skills for cross-functional collaboration

    • Preferred Qualifications:
  • Experience building application security programs from early stages
  • Hands-on experience with Data Loss Prevention (DLP) solutions
  • Familiarity with HackerOne, Bugcrowd, or similar bug bounty/VDP platforms
  • Experience implementing threat modeling practices (STRIDE, PASTA, or similar)
  • Just-In-Time (JIT) access implementation experience
  • Experience with security orchestration and automation (SOAR)
  • Cloud security certifications: AWS Security Specialty, CCSP, CCSK
  • Offensive security background: OSCP, GPEN, CEH or practical CTF/red team experience
  • Contributions to security open-source projects or published security research
  • Experience debugging complex systems across different layers of the stack

    • Apply Now
    Job Summary

    Senior Software Security Engineer, Detection & Response Engineering | Sweden | Remote

    Grafana Labs is a remote-first, open-source powerhouse. There are more than 20M users of Grafana, the open source visualization tool, around the globe, monitoring everyth

    • Senior
    • Sweden Only
    • 3 months ago

    Cloud Security Engineer

    Job Title- Senior Information Security Engineer- CloudPrimary Location- RemotePosition Type - Full-Time OverviewJoin a large, complex healthcare organization as a Senior

    • USA Only
    • 23 hours ago

    Information Systems Security Engineer (ISSE)

    Company OverviewEnterprise Horizon Consulting Group (EHCG) is a Woman-Owned Small Business specializing in IT Consulting which has successfully delivered key capabilities

    • USA Only
    • one month ago

    Senior Product Security Engineer, Application Security

    About AlphaSense: The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on pr

    • USA Only
    • one month ago