• Designing, implementing, and managing enterprise data protection solutions across our enterprise operating environment • Ensuring that sensitive and regulated information is discovered, classified, and protected throughout its lifecycle • Serving as the subject matter expert (SME) for data protection and Microsoft Purview Information Protection (MIP/DLP) • Leading policy configuration, tuning, and enforcement across the organization • Implementing and maintaining Microsoft Purview, DLP, Information Protection, and compliance policies, plans, and procedures • Developing and tuning DLP rules for endpoints to manage the flow of data between approved boundaries • Managing and optimizing sensitivity labels, mandatory encryption, and content marking across Microsoft 365 and supported third-party integrations • Collaborating with IT and department teams to align DLP policy coverage with regulatory and contractual data handling requirements • Investigating and responding to DLP incidents, working with Defender XDR and Sentinel to correlate events and generate actionable insights • Maintaining DLP dashboards and reporting to track violations, policy effectiveness, and user behavior trends • Serving as the technical liaison for enterprise data protection initiatives involving Purview, Zscaler, Qualys, and related security tools • Supporting periodic policy reviews, risk assessments, and audits, ensuring continuous compliance and alignment with security architecture standards • Documenting DLP processes, SOPs, and configuration baselines in accordance with company change management practices • Providing technical guidance and training to administrators and end-users on data handling best practices

• Continuously evolve Kentik’s secure SDLC strategy, defining security and privacy standards from design through deployment in partnership with key stakeholders. Design and implement automated security guardrails in CI/CD pipelines to detect vulnerabilities, dependency risks, and misconfigurations in real time, enabling teams to move fast without sacrificing security. • Lead the analysis and resolution of complex, high-risk, or systemic vulnerabilities, partnering with engineers to design durable fixes and reusable security patterns. This also includes tooling selection, prioritization frameworks, remediation workflows, and developer guidance. • Lead threat management automation capabilities by designing automated detections, response playbooks, and escalation paths. Be part of security operations by responding to security alerts/incidents and continuously improving response effectiveness through automation and post-incident learnings. Manage and evolve bug bounty and penetration testing programs in partnership with internal and external stakeholders. • Design, build, and maintain internal security tools, platforms, and frameworks used broadly across the engineering organization. Focus on scalability, reliability, and developer experience while delivering capabilities such as automated scanning, validation, and security reporting and dashboards. • Act as a trusted security advisor to engineering and product teams, providing practical guidance during design reviews, architectural discussions, and roadmap planning. Drive security adoption through collaboration rather than gatekeeping, helping teams make informed risk-based decisions. • Drive security and privacy awareness across the organization by delivering role-specific training, secure design guidance, and ongoing education. Help foster a culture where security is a shared responsibility embedded into everyday engineering practices.

• Detect and respond to security threats across network, systems, and cloud environments. • Troubleshoot and resolve complex technical issues, performing root cause analysis to prevent future incidents. • Act as an escalation point for unresolved alerts/issues. • Mentor SNOC Engineer I team members and assist with technical development. • Create and improve Standard Operating Procedures (SOPs) and knowledge base documentation. • Collaborate on projects to integrate new technologies and improve reliability. • Support compliance initiatives (CMMC, SOC 2, ISO 27001). • Investigates and responds to complex security alerts (lateral movement, privilege misuse). • Performs root cause analysis and recommends remediation actions. • Maintains and tunes SIEM and EDR detections to improve accuracy. • Supports proactive security initiatives (threat hunting, detection engineering). • Mentors Engineer I in effective triage and investigative techniques. • Collaborates with clients and internal teams on remediation plans.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Software Engineer you will work with every component of Wraithwatch’s architecture to include: - Ensuring autonomous and smooth construction of advanced digital twin models of networks - Coordinating communication and signaling between backend AI engines and workers - Building data pipelines between Wraithwatch and third party security products - Performing all manner of site reliability operations to ensure our customer deployments are resilient and maintain uptime Qualifications - 4+ years professional experience in building and deploying software or services as part of a corporate or enterprise security engineering team - Deep, hands-on understanding of the current landscape of cybersecurity tools (EDRs, device management, identity, SIEMs, SOARs, XDRs, etc) and experience configuring, tuning, or automating these systems via APIs - Experience implementing or assisting with the implementation of enterprise / corporate security controls such as anti-malware policies, identity and access controls, detection engineering, device management, or similar - Development experience in any modern programming language, including but not limited to Python, Rust, or Go Requirements - Willingness to work extended hours and weekends as needed Company Description Wraithwatch was founded by security engineers from SpaceX, Palantir, and Anduril to build the next generation of AI-powered cyber defense systems for the United States and its allies. We are deployed today to customers spanning Fortune 500, US Federal Government, commercial nuclear, aerospace, defense, maritime, and other emerging technology companies. Our core product is a cyber defense platform utilizing generative artificial intelligence agents to autonomously model a digital twin of an organization's entire IT and cybersecurity environment and analyze it for weaknesses, misconfigurations, and chains of possible attack.