Lead and manage a security operations team responsible for detection, incident response, and security automation while coaching engineers and managing vendor relationships. Requires 5+ years in security operations and 2+ years of people management experience.
194k – 217k/yr
Remote5+ YOESecurity Engineering
About the role
Responsibilities
Lead the team responsible for detecting, investigating, responding to, and learning from security events
Manage and coach a team of security engineers while remaining hands-on with detection design, alert tuning, incident response, runbooks, operations, and security automation
Manage relationships with security operations vendors
Work closely with Security, Engineering, IT, Compliance, Privacy, and external partners to improve protection of patient and provider data
Requirements
5+ years of professional experience in security operations, detection engineering, incident response, threat hunting, cloud security, or a related security engineering role
2+ years of direct people management experience for security engineers, incident responders, analysts, or a security operations / detection and response team
Hands-on proficiency building, tuning, and operating detections in a modern SIEM and managing a SOAR tool (or comparable security operations solutions)
Demonstrated expertise leading or materially contributing to incident response, including triage, containment, stakeholder communication, and post-incident improvements
Working knowledge of cloud service provider and SaaS security telemetry, identity logs, endpoint security signals, and common attacker behaviors
Nice-to-Haves
Experience in healthcare or another regulated environment where incident response, privacy, and compliance requirements intersect
Experience owning an MDR provider relationship, defining escalation quality expectations, running vendor reviews, and improving vendor-to-internal handoff workflows
Experience applying MITRE ATT&CK, threat hunting methods, or detection engineering frameworks to prioritize coverage gaps
Proficiency querying and analyzing security data using SQL, Python, or similar tools; familiarity with security data lakes, OCSF, Athena, Trino, Panther, or comparable platforms
Experience building or improving security on-call, shared escalation models, incident command, tabletop exercises, or post-incident review practices
Relevant security certifications such as OSCP, GCIH, GCIA, GCFA, or GSOC
Benefits
100% remote work environment (must be based in United States, currently not hiring in Hawaii)
Comprehensive health benefits: Medical, dental, vision, life, disability, and FSA/HSA
401(k) plan access
Generous time-off policies including 2 company-wide shutdown weeks each year
Paid parental leave
Employee Assistance Program (EAP)
Quarterly department stipend
Home office stipend & $50 monthly stipend for internet or cell phone expenses
This Security Engineer role focuses on developing secure AI and LLM integrations, building automated threat modeling tools, and reducing security debt across the product portfolio. The role involves working with product engineering teams to design secure solutions and leading cross-team security initiatives.
194k – 268k/yr
Remote5+ YOESecurity Engineering
Protection Scientist Engineer, Intelligence and Investigations
OpenAISan Francisco, CA +2
Designs and builds systems to proactively detect and enforce against product abuse using data science, ML, and investigations. Collaborates cross-functionally on monitoring new/existing products and responding to critical escalations. Requires 4+ years in technical analysis with SQL/Python.
198k – 425k/yr
Hybrid4+ YOESecurity Engineering
Enterprise Security Engineer
BenchlingSan Francisco, CA
Enterprise Security Engineer building zero trust architecture, IAM controls, and macOS MDM at a biotech AI platform. Requires 5+ years security/IAM experience with deep Okta and identity protocol expertise.
189k – 256k/yr
Hybrid5+ YOESecurity Engineering
Detection & Response Security Engineer
HarveySan Francisco, CA +1
Offensive-minded blue teamer building and leading Harvey's Detection & Response program. Develop threat scenarios, detection rules, data pipelines on ClickHouse, and lead incident response for their AI platform. Requires 4+ years in security/SRE/software engineering with hands-on incident response and weakness discovery experience.
188k – 282k/yr
Hybrid4+ YOESecurity Engineering
Security Engineer
NooksSan Francisco, CA
Second Security Engineer at Nooks.ai, securing an AI-native sales platform and its AI agents. Own threat modeling, secure SDLC, cloud hardening, compliance (SOC 2), and novel AI security challenges (guardrails, prompt injection). Requires 4-5+ years in infosec with strong app/cloud security fundamentals; startup experience preferred.