Who We Are

Veteran-led. Operator-built. Evidence-driven.

enLight10 Solutions is led by a cyber operations executive with deep experience standing up mission-ready security operations, executing advanced threat hunting, and leading outcomes under pressure. We’re building Watchtower™ as the investigation and evidence workspace we always wished we had.

Our focus is simple: reduce time-to-answer, reduce tool sprawl, and produce defensible proof — what happened → what it meant → what we did.

Start a Pilot Meet the Founder Explore Watchtower CRP™

Founder

Customers don’t need another “cyber brand.” They need leaders who’ve owned outcomes under pressure — and can build a capability that holds up to mission and audit scrutiny.

Jay Moreno

Founder • Cybersecurity Executive • SOC/NSOC Builder

15+ yrs technical 9 yrs leadership AI + Automation Zero Trust cATO / Continuous Monitoring CISSP • GCIA TS/SCI Eligible

Jay was recruited to design, stand up, and lead a mission-ready NSOC supporting INDOPACOM requirements — integrating SOC/NOC/ops situational awareness, playbooks, escalation paths, and automation into a unified operational construct.

Prior to that, he led enterprise SOC operations, IR, and detection improvements, and has executed advanced threat hunting in support of USCYBERCOM national mission teams — including hunt-forward operations and high-stakes environments where clarity and speed matter.

Why this matters for partners

  • We speak operator. We’ve lived shift ops, incident tempo, and mission pressure.
  • We ship usable. Integration-first delivery that fits real workflows and constraints.
  • We build defensible proof. Timelines, artifacts, decisions — ready for leadership and audit.
  • We design for governance. Human-in-the-loop AI, logging, review gates, and traceability.

What We Deliver

We combine hands-on operational leadership with engineering discipline — so customers get real outcomes now, and a stronger operating picture over time.

Security Operations & Incident Response

Monitoring, triage, investigations, and response support — designed for environments where speed, clarity, and evidence matter.

  • Case-based workflows with timelines and artifacts
  • Actionable recommendations and IR reporting
  • Operational cadence: daily/weekly/monthly reporting

Engineering & Tool Integration

Connect what you already own and reduce dashboard chaos — log pipelines, SIEM/EDR integration, and automation glue that actually gets used.

  • SIEM onboarding + tuning and use-case engineering
  • Identity, endpoint, and network data integration
  • Automation and ITSM enrichment patterns

Watchtower Platform

Our operating workspace for investigations, evidence, and reasoning — built to help defenders decide faster and communicate clearly.

  • Evidence packs for audits and leadership
  • Analyst-assist summaries and report drafting
  • Designed for constrained / real-world operations

How We Work

We’re hands-on, subcontract-friendly, and mission-aligned. We don’t add complexity for its own sake — we simplify operations and improve outcomes.

Operator-first

We design around the analyst workflow: triage → investigate → contain → report. If it doesn’t help operations, it doesn’t ship.

Evidence-first

Security work has to stand up to scrutiny. We build repeatable documentation: timelines, artifacts, decisions, and reporting that auditors and leaders can understand.

Integration, not replacement

You keep your existing tools. We connect and rationalize them, then layer automation and reasoning on top to reduce time-to-answer.

Human-in-the-loop AI

AI is for acceleration, not autopilot. Summaries, drafting, and suggestion flows are controlled by analysts, with traceability baked in.

Connect with us

If you’re exploring Watchtower, looking for SOC support, or discussing teaming opportunities — we’re open to a straightforward conversation about your environment and what “better” looks like.

Start a Pilot Explore Watchtower CRP™ Prime Partners