Similarweb (NYSE: SMWB) is a leading digital intelligence company that empowers businesses with trusted insights into online behavior, market trends, and competitive performance. By analyzing billions of digital interactions every day, Similarweb helps organizations make data-driven decisions and accelerate growth.

 

Why is this role so important at Similarweb?

 

As a Senior Cybersecurity Engineer reporting directly to the Chief Information Security Officer (CISO), you will play a key role within Similarweb’s security team. In this position you will drive impactful security initiatives that support the company’s business objectives, leveraging innovative technologies and practical solutions to strengthen our security posture while enabling the business to operate securely and efficiently.

You will collaborate with cross-functional teams across the organization, including IT, R&D, Product, and other stakeholders, to ensure that security is embedded throughout our products, services, and operations. You will help identify and mitigate risks, implement effective security controls, and continuously enhance our security capabilities in a dynamic, fast-growing, technology-driven environment.

 

Responsibilities

• Implement, manage, and continuously enhance security controls across cloud environments (AWS, GCP, Azure), endpoints, SaaS platforms, and applications.
• Administer, optimize, and maintain security technologies, including EDR/XDR, SIEM, CDR, CNAPP,  DLP, IAM, SASE, MFA, network security solutions, and more.
• Take a leading role in securing Similarweb's adoption of Generative AI & LLM-based technologies, assessing risks, defining security controls, and establishing guardrails for AI agents, MCP-based integrations, and AI-powered applications across the organization.
• Design, implement, and automate security processes, workflows, and controls to improve operational efficiency, visibility, and risk reduction across the organization.
• Partner with IT, DevOps, Engineering, and Product teams to drive security-by-design principles across system architecture, software development and AI lifecycles, cloud infrastructure, and business operations.
• Lead vulnerability management initiatives, including identification, assessment, prioritization, remediation tracking, validation, and reporting across applications and environments.
• Implement, manage, and maintain secure configuration baselines, hardening standards, and technical controls aligned with industry frameworks and best practices, including CIS Benchmarks, NIST(CSF), and ISO/IEC 27000 series.
• Take an active role in security operations activities, including threat detection, IR, security investigations, and continuous monitoring of the organization's security posture.
• Lead GRC initiatives through control implementation, assessments, audit support, customer security & Due Diligence Questionnaires (DDQs), and remediation efforts related to SOC 2, SOX, ISO 27001, and other compliance frameworks.

 

Qualifications

• 5+ years of experience in Information Security, Cybersecurity, or a related technical field.
• Experience securing cloud environments (AWS, GCP, Azure), SaaS platforms, and enterprise applications (APIs and Integrations).
•  Experience implementing and managing security technologies such as EDR/XDR, SIEM, CNAPP, IAM, SSO, MFA, Identity Providers (IdPs), WAF, VPN, DLP, ZTNA, and secure connectivity solutions
• Strong understanding of security frameworks, standards and best practices, such as NIST CSF, CSA, CIS Controls, MITRE ATT&CK, OWASP, SOC 2, or ISO/IEC 27000 series.
• Experience with vulnerabilities/CVEs management, assessment, incident response, and security operations processes.
• Experience working with DevOps, R&D, and IT teams to integrate security into OS, cloud infrastructure, SDLC, applications, and operational processes, including authentication and authorization technologies such as SSO, SAML, OAuth, and OpenID Connect.
• Experience with scripting and automation using Python, Bash, PowerShell, or similar technologies.
• Familiarity with AI security concepts, including risks and controls related to Generative AI, LLMs, AI agents, MCP-based integrations, and AI-powered applications.
• Experience supporting GRC initiatives, audits, compliance programs, and security assurance activities.
• Strong communication and problem-solving skills, with the ability to work independently and collaborate effectively across technical and business teams.
• Experience in a SaaS or global technology company - Advantage
• Security certifications such as CISSP, CISM, AWS Security Specialty, CKS or equivalent  - an advantage.

—-----------------------------------------------------------------------------------------------------------