Security Engineer focused on operating the SIEM, building AI-augmented detection tooling, triaging alerts, and leading incident response for a high-scale mobile adtech platform.
172k – 240k
Remote5+ YOESecurity Engineering
About the role
Responsibilities
Own day-to-day operation of Liftoff's SIEM (Panther) — log source ingestion, detection content, and the alert investigation pipeline.
Lead Liftoff's adoption of AI-augmented SOC tooling (e.g. Prophet, Dropzone, or equivalent) as a multi-year modernization investment.
Triage incoming security alerts and drive timely investigation and remediation with stakeholders across Engineering and IT.
Lead incident response — investigation, containment, and post-incident review — and mature processes and runbooks so response becomes predictable and repeatable.
Build tooling and automation that detects active threats, enriches alerts, and reduces manual investigation toil.
Partner with Engineering and IT to make detection and response self-service where possible — clear log-onboarding paths, documented detection proposals, accessible runbooks.
Close the feedback loop between the team's offensive and proactive findings and detection coverage.
Partner across the security team on cloud, infrastructure, and application security work.
Participate in the Security team's on-call rotation and incident response.
Requirements
5+ years in security engineering, security operations, detection engineering, or software engineering with a security focus.
Hands-on production SIEM operation — onboarding log sources, writing and maintaining detection content, and triaging alerts.
Write production-quality code for security automation and detection-as-code.
Experience leading or substantially contributing to security incident response.
Strong technical writing — design docs, runbooks, and post-incident reviews.
Demonstrated judgment in prioritizing security work using a risk-based approach.
Ability to quickly navigate large, unfamiliar codebases and reason about complex engineering systems.
Excellent verbal communication.
Willing to participate in an on-call rotation.
Nice-to-Haves
Hands-on experience with an AI-augmented SOC platform (Prophet Security, Dropzone AI, or equivalent), or with building large language model (LLM) augmented investigation and runbook tooling.
Experience operating in cloud environments at scale.
Cloud incident response experience, particularly in AWS.
Endpoint forensics for incident response on Mac and/or Linux.
Detection-as-code workflows in continuous integration and deployment (CI/CD) pipelines.
Security Engineer responsible for endpoint security architecture, MDM administration (Jamf, Intune), compliance enforcement, and automation across macOS, Windows, iOS, and Android devices. Requires 3-6 years MDM experience, OSQuery/CrowdStrike expertise, and a security-first mindset.
170k – 205k
On-site3+ YOESecurity Engineering
Software Engineer, Trust & Safety
SunoSan Francisco, CA
Suno is seeking a Software Engineer, Trust & Safety to protect its platform and users from abuse, fraud, and harmful content. This role involves building data pipelines, anomaly detection systems, and internal tools to ensure user safety and platform integrity.
170k – 240k
On-site3+ YOESecurity Engineering
Vulnerability Automation Engineer
Lumin DigitalUnited States
Designs and builds autonomous vulnerability automation pipelines using AI tools to discover assets, scan vulnerabilities, harden configurations, and auto-remediate in cloud-native environments. Requires 5+ years in security engineering, DevSecOps, IaC, and cloud security tools.
170k – 190k
Remote5+ YOESecurity Engineering
Software Engineer, Security Infrastructure
SiftstackMarina del Rey, CA +2
Builds and automates security controls, tooling, and compliance for AWS, Kubernetes, and CI/CD in cloud-native environments. Requires 4+ years in security engineering with hands-on IaC, scripting, and frameworks like SOC 2/FedRAMP.
170k – 220k
Hybrid4+ YOESecurity Engineering
Incident Response Security Engineer
ClickhouseUnited States
Handles security incidents, develops detection and response processes, maintains logging platforms, and automates risk mitigation for cloud services. Requires experience in incident response, threat modeling, cloud security, and programming in Golang/Python.