Job Closed
This listing is no longer active.
Attackers move fast. We move faster.
Senior Deception Engineer
Location
United Kingdom
Posted
75 days ago
Salary
0
Seniority
Senior
Job Description
Senior Deception Engineer
watchTowr
• Help design, build, and operate large-scale deception infrastructure within our hyper-realistic Attacker Eye global honeypot network, emulating real-world systems, services, and applications exposed to the internet. • Engineer and maintain high-interaction deception assets that capture authentic attacker behavior, exploitation workflows, and post-exploitation activity across multiple protocols and technology stacks. • Continuously evolve deception tactics by tracking attacker tradecraft, emerging vulnerabilities, and exploitation techniques to ensure environments remain believable and resistant to fingerprinting. • Instrument, enrich, and analyze deception telemetry , transforming raw log data into high-quality signals. • Generate automated reports from raw log data , producing structured insights on attacker behavior, exploitation trends, and campaign activity for internal and external consumption. • Rapidly deploy new deception scenarios in response to emerging N-day and 0-day vulnerabilities, active exploitation campaigns, and shifts in adversary behavior. • Collaborate closely with Detection Engineering and Threat Intelligence teams to convert deception telemetry into production detections and actionable intelligence. • Share insights across the organization , working with Labs, Marketing, Product, and other teams to help communicate emerging threats, research findings, and attacker trends. • Contribute original research and publications , documenting attacker behavior, deception methodology, and exploitation patterns for both internal stakeholders and the wider security community. • Own and improve the deception lifecycle , from implementation, deployment through, data quality, and long-term signal value.
Job Requirements
- 7+ years in security engineering, offensive security, detection engineering, threat research, or related hands-on technical roles.
- 3+ years working directly with honeypots, deception systems, or internet-facing security telemetry at scale.
- Experience working in an early-stage B2B startup focusing on enterprise clients.
- Strong understanding of attacker tradecraft , including exploitation chains, post-exploitation behavior, automation frameworks, and tooling.
- Proven experience building or modifying network services, protocols, or application stacks to emulate real production environments.
- Deep familiarity with Linux internals, networking, and common internet protocols (HTTP(S), SSH, SMTP, FTP, databases, RPC, etc.).
- Strong Python proficiency , with experience writing custom services, emulators, instrumentation, and automation tooling.
- Experience working with cloud infrastructure , containers, and infrastructure-as-code to deploy deception systems globally.
- Comfort operating in high-noise, adversarial environments , iterating quickly as attackers adapt their behavior.
- Familiarity with log pipelines and analysis platforms (e.g., OpenSearch / ELK) to validate deception quality and attacker engagement.
Benefits
- Competitive compensation - we believe that hard work, skills and ambition should be fairly compensated.
- Meaningful role in a company - You will be a key and early contributor to a fast-growing cybersecurity business that helps protect some of the world's largest enterprises.
- The best tools and powerful kit - we enable you with the tools to effectively fulfil your role.
- Endless opportunities – we are in a high-growth phase of our journey, and plan to promote from within as we scale.
- Work with cyber security experts – we are solving cutting-edge industry-wide cyber security challenges with some of the world’s most advanced organisations.
- watchTowr is proud to be an Equal Opportunity Employer At watchTowr, we’re dedicated to fostering an inclusive, respectful, and diverse environment where every individual is recognised for their talent and potential.
Related Guides
Related Categories
Related Job Pages
More Engineer Jobs
• Be a key technical resource in the IT department for projects across Streets • Delivery and implementation of IT projects • Technical point of contact during project lifecycles • Collaborate with internal teams and external vendors to ensure successful delivery • Documentation and handover to relevant department/team
Observability Engineer – Prometheus, Grafana
WhitestackBuilding Infrastructure For Digital Transformation.
• Diseñar, implementar y optimizar soluciones de monitoreo para infraestructuras cloud. • Definir, analizar e implementar dashboards para visualizar indicadores de desempeño críticos. • Asegurar el correcto funcionamiento de clouds productivos basados en tecnologías open source (como Kubernetes y OpenStack). • Atender las incidencias críticas de la plataforma, escalando a los Ingenieros Senior o al área de desarrollo de productos.
Observability Engineer – Prometheus, Grafana
WhitestackBuilding Infrastructure For Digital Transformation.
• Diseñar, implementar y optimizar soluciones de monitoreo para infraestructuras cloud. • Definir, analizar e implementar dashboards para visualizar indicadores de desempeño críticos. • Asegurar el correcto funcionamiento de clouds productivos basados en tecnologías open source (como Kubernetes y OpenStack). • Atender las incidencias críticas de la plataforma, escalando a los Ingenieros Senior o al área de desarrollo de productos.
Observability Engineer – Prometheus, Grafana
WhitestackBuilding Infrastructure For Digital Transformation.
• Diseñar, implementar y optimizar soluciones de monitoreo para infraestructuras cloud. • Definir, analizar e implementar dashboards para visualizar indicadores de desempeño críticos. • Asegurar el correcto funcionamiento de clouds productivos basados en tecnologías open source (como Kubernetes y OpenStack). • Atender las incidencias críticas de la plataforma, escalando a los Ingenieros Senior o al área de desarrollo de productos.
