Skip to content
LiftoffLiftoffUnited States

Security Engineer, Detection & Response

Security Engineer focused on operating the SIEM, building AI-augmented detection tooling, triaging alerts, and leading incident response for a high-scale mobile adtech platform.

172k – 240k
Remote5+ YOESecurity Engineering

About the role

Responsibilities

  • Own day-to-day operation of Liftoff's SIEM (Panther) — log source ingestion, detection content, and the alert investigation pipeline.
  • Lead Liftoff's adoption of AI-augmented SOC tooling (e.g. Prophet, Dropzone, or equivalent) as a multi-year modernization investment.
  • Triage incoming security alerts and drive timely investigation and remediation with stakeholders across Engineering and IT.
  • Lead incident response — investigation, containment, and post-incident review — and mature processes and runbooks so response becomes predictable and repeatable.
  • Build tooling and automation that detects active threats, enriches alerts, and reduces manual investigation toil.
  • Partner with Engineering and IT to make detection and response self-service where possible — clear log-onboarding paths, documented detection proposals, accessible runbooks.
  • Close the feedback loop between the team's offensive and proactive findings and detection coverage.
  • Partner across the security team on cloud, infrastructure, and application security work.
  • Participate in the Security team's on-call rotation and incident response.

Requirements

  • 5+ years in security engineering, security operations, detection engineering, or software engineering with a security focus.
  • Hands-on production SIEM operation — onboarding log sources, writing and maintaining detection content, and triaging alerts.
  • Write production-quality code for security automation and detection-as-code.
  • Experience leading or substantially contributing to security incident response.
  • Strong technical writing — design docs, runbooks, and post-incident reviews.
  • Demonstrated judgment in prioritizing security work using a risk-based approach.
  • Ability to quickly navigate large, unfamiliar codebases and reason about complex engineering systems.
  • Excellent verbal communication.
  • Willing to participate in an on-call rotation.

Nice-to-Haves

  • Hands-on experience with an AI-augmented SOC platform (Prophet Security, Dropzone AI, or equivalent), or with building large language model (LLM) augmented investigation and runbook tooling.
  • Experience operating in cloud environments at scale.
  • Cloud incident response experience, particularly in AWS.
  • Endpoint forensics for incident response on Mac and/or Linux.
  • Detection-as-code workflows in continuous integration and deployment (CI/CD) pipelines.
  • Mobile adtech or high-volume SaaS background.

Skills

SIEMPantherDetection EngineeringIncident ResponsePythonSecurity AutomationAWSAi-Augmented SocEndpoint ForensicsCI/CD
Crusoe

Endpoint Security Engineer

CrusoeSan Francisco, CA +2

Security Engineer responsible for endpoint security architecture, MDM administration (Jamf, Intune), compliance enforcement, and automation across macOS, Windows, iOS, and Android devices. Requires 3-6 years MDM experience, OSQuery/CrowdStrike expertise, and a security-first mindset.

170k – 205k
On-site3+ YOESecurity Engineering
Suno

Software Engineer, Trust & Safety

SunoSan Francisco, CA

Suno is seeking a Software Engineer, Trust & Safety to protect its platform and users from abuse, fraud, and harmful content. This role involves building data pipelines, anomaly detection systems, and internal tools to ensure user safety and platform integrity.

170k – 240k
On-site3+ YOESecurity Engineering
Lumin Digital

Vulnerability Automation Engineer

Lumin DigitalUnited States

Designs and builds autonomous vulnerability automation pipelines using AI tools to discover assets, scan vulnerabilities, harden configurations, and auto-remediate in cloud-native environments. Requires 5+ years in security engineering, DevSecOps, IaC, and cloud security tools.

170k – 190k
Remote5+ YOESecurity Engineering
Siftstack

Software Engineer, Security Infrastructure

SiftstackMarina del Rey, CA +2

Builds and automates security controls, tooling, and compliance for AWS, Kubernetes, and CI/CD in cloud-native environments. Requires 4+ years in security engineering with hands-on IaC, scripting, and frameworks like SOC 2/FedRAMP.

170k – 220k
Hybrid4+ YOESecurity Engineering
Clickhouse

Incident Response Security Engineer

ClickhouseUnited States

Handles security incidents, develops detection and response processes, maintains logging platforms, and automates risk mitigation for cloud services. Requires experience in incident response, threat modeling, cloud security, and programming in Golang/Python.

169k – 225k
RemoteSecurity Engineering