Digital Turbine

Principal Engineer, Security Operations

Digital Turbine$150K — $180K *
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • 12+ years of cybersecurity experience in security operations, threat detection, or incident response within global enterprise or SaaS environments
  • Hands-on experience with SOC functions for GCP and AWS, including cloud logging and monitoring
  • Strong understanding of MSSP models and service quality improvement
  • Familiarity with SOC tools like CrowdStrike, Orca, and SIEM/SOAR platforms
  • Understanding of adversary tactics and detection engineering frameworks
  • Experience with compliance programs such as SOC 2, ISO 27001, or SOX
  • Excellent analytical and communication skills for technical presentations
  • Advanced security certifications (CISSP, GCIH, etc.) and preferred Google Cloud certifications

Responsibilities

  • Serve as the primary technical authority for the SOC ecosystem and cloud threat detection strategy
  • Optimize the relationship with the Managed Security Services Provider (MSSP) for detection and response
  • Lead complex incident investigations across GCP, AWS, and containerized workloads
  • Design advanced detection and automation use cases tailored to cloud environments
  • Operationalize and fine-tune tools for maximum visibility and protection
  • Enhance incident response playbooks and threat-hunting methodologies
  • Execute tabletop exercises and business continuity drills to test response readiness
  • Track SOC performance metrics and provide clear insights for stakeholders
  • Collaborate with cross-functional teams to embed operational security practices
  • Contribute to vendor selection and threat intelligence initiatives

Benefits

  • Bonus plan
  • Equity plan
  • 401K
  • Unlimited PTO
Full Job Description
Digital Turbine is seeking a Principal Engineer of Security Operations professional to drive the evolution of our global Security Operations Center (SOC). As the Principal Engineer of Security Operations, you will serve as the company's foremost expert on detection engineering, incident response, and cloud security operations across our multi-cloud (GCP and AWS) environment. The role focuses on technical leadership, operational excellence, and partnership with internal and external teams to ensure resilient 24x7 monitoring and response capabilities. This fulltime role comes with a bonus plan, equity plan, 401K and unlimited PTO. About you as the Principal Engineer of Security Operations: • 12+ years of cybersecurity experience with deep expertise in security operations, threat detection, or incident response within global enterprise or SaaS environments. • Significant hands-on experience developing and managing SOC functions for GCP and AWS, including cloud logging, monitoring, and automation. • Strong familiarity with MSSP models, understanding how to measure and improve service quality through engineering insight and data. • Proficiency with SOC tooling such as CrowdStrike, Orca, SIEM/SOAR platforms, and related telemetry and automation tools. • Deep understanding of modern adversary tradecraft, cloud attack paths, and detection engineering frameworks. • Experience supporting or interfacing with compliance programs such as SOC 2, ISO 27001, or SOX. • Excellent analytical and communication skills, with the ability to present technical findings and risks to both engineers and executives. • Advanced security certifications such as CISSP, GCIH, GCFA, CISM, or CCFR are highly desirable. • Google Cloud certifications (e.g., Professional Cloud Security Engineer, Professional Cloud Architect) preferred. About the role of the Principal Engineer of Security Operations: • Serve as the primary technical authority for Digital Turbine's SOC ecosystem and cloud threat detection strategy. • Optimize and mature our relationship with a Managed Security Services Provider (MSSP), ensuring detection quality, response speed, and continuous tuning meet DT's requirements. • Lead and execute complex incident investigations, encompassing triage, analysis, containment, and remediation across GCP, AWS, and containerized workloads (Kubernetes, serverless, etc.). • Design and maintain advanced detection and automation use cases using SIEM, SOAR, and log management platforms, tailored to DT's cloud environments. • Operationalize and fine-tune tools such as CrowdStrike, Orca Security, and related platforms to maximize visibility and protection coverage. • Develop, test, and enhance incident response playbooks and threat-hunting methodologies aligned with MITRE ATT&CK and industry best practices. • Plan, coordinate, and execute tabletop exercises, as well as business continuity (BC) and disaster recovery (DR) drills, to validate response readiness and cross-team coordination • Define and track SOC performance metrics (e.g., MTTD, MTTR), producing clear and actionable insights for leadership and technical stakeholders. • Collaborate with DevOps, application engineering, GRC, and legal teams to embed operational security practices that support compliance and business goals. • Contribute to vendor selection, tooling evaluation, and threat intelligence initiatives that strengthen DT's overall security posture. • Act as a mentor and thought leader for peers and cross-functional partners on detection engineering, incident response, and cloud security best practices.

About Digital Turbine

Digital Turbine, Inc. is a mobile software company that delivers products and solutions for mobile operators, device OEMs, and third-party advertisers. The company's products include Ignite, a mobile device management solution, and SingleTap, a mobile advertising platform. Digital Turbine was founded in 1998 and is headquartered in Austin, Texas.
Learn more about Digital Turbine
Size
844 employees
Market Cap
$1.4 billion
Industry
Net Income
$38.6 million
5 Year Trend
+79.4%
Revenue
$257.8 million
NASDAQ

Similar Jobs

More Jobs at Digital Turbine

More Information Technology Jobs

Find similar Principal Engineer, Security Operations jobs: