Lead Security Engineer
Responsibilities
- You'll serve as the primary security incident leader for major incidents, investigations, escalations, root cause analysis, and executive reporting - and lead IR tabletop exercises, DR tabletop exercises, backup testing coordination, and BCP security reviews.
- You'll own SOC 2 Type 2 readiness, ISO 27001 readiness, ISO 42001 AI governance alignment, and NIST CSF maturity tracking - maintaining the security risk register, risk treatment plans, security roadmap, and security debt backlog.
- You'll partner with Legal and Privacy on DPA, DTIA, DPF, GDPR, SCCs, and subprocessor management, and own customer-facing security assurance including strategic RFPs, security questionnaires, enterprise security reviews, Trust page content, and sales support calls.
- You'll provide security guidance to IT on MDM, endpoint security, AV/EDR coverage, access reviews, and SaaS security controls - and report security posture, risks, incidents, remediation status, and audit readiness to executive leadership.
Requirements
You may be a good fit if you have:
- 8+ years of experience in security, cloud security, DevSecOps, security engineering, infrastructure security, or security operations
- Strong hands-on knowledge of AWS - you can review cloud architecture and identify risk, not just read about it
- Experience securing DevOps environments, CI/CD pipelines, Kubernetes and container environments, cloud IAM, logging, secrets management, and infrastructure-as-code
- Experience with SOC 2 Type 2 audits and a working familiarity with ISO 27001, NIST CSF, and GDPR security requirements
- Experience with vulnerability management, penetration testing programmes, and incident response
- The ability to translate technical risks into business-level priorities and communicate clearly with Engineering, Legal, Sales, auditors, customers, and executives
Strong candidates may also have:
- Hands-on experience with Snyk, Lacework, Vanta, MDM platforms, endpoint protection, and cloud posture tools
- Prior ownership of SOC 2 Type 2 audit readiness end-to-end
- ISO 27001 implementation or certification support experience
- Experience supporting enterprise SaaS security reviews and customer trust programmes
- Familiarity with ISO 42001 or AI governance frameworks
Why Duetto?
- Full ownership of a consequential security programme. This isn't a supporting role in a large security team - you'll own the posture, the compliance roadmap, the incident response, and the customer trust programme. The scope is real and so is the impact.
- AI is how we work. Duetto is an AI-first engineering organisation, which makes AI governance and ISO 42001 alignment genuinely relevant her
Additional Information
Duetto's platform processes real-time pricing decisions for thousands of hotels, resorts, and casinos worldwide - and this role owns the security posture that makes that possible. As Senior Security Engineer, you'll lead security across cloud infrastructure, engineering, operations, compliance, and customer trust: a broad, high-autonomy mandate that spans AWS architecture, SOC 2 and ISO 27001 readiness, vulnerability management, incident response, and the enterprise security reviews that help close deals. If you're a hands-on security engineer who can operate at the technical depth of a cloud security specialist and communicate at the level of an executive or enterprise customer, this is the role.
What Makes Us Different?
Duetto is the hospitality industry's leading revenue management platform, founded in 2012 by former Wynn Resorts executives who knew the industry needed better technology. We built the world's first Revenue & Profit Operating System - a suite of tools (GameChanger, ScoreBoard, BlockBuster, Advance and more) that goes beyond room pricing to give hotels, resorts and casinos a complete picture of their revenue and profitability. Trusted by clients ranging from independent boutique hotels to global chains, we've been named the #1 Revenue Management Software by HotelTechAwards four years running and the #1 Best Place to Work in Hotel Tech in 2025. Backed by GrowthCurve Capital since 2024, we're accelerating our investment in AI - and we're genuinely passionate about the industry we serve. We build products we're proud of, for customers we care about.