# Security Engineer, Detection & Response

**Company:** [Liftoff](https://hotfix.jobs/companies/liftoff)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $172k – $240k/yr
**Experience:** 5+ years
**Skills:** SIEM, Panther, Detection Engineering, Incident Response, Python, Security Automation, AWS, Ai-Augmented Soc, Endpoint Forensics, CI/CD
**Posted:** 2026-05-15

> Security Engineer focused on operating the SIEM, building AI-augmented detection tooling, triaging alerts, and leading incident response for a high-scale mobile adtech platform.

## Job Description

## Responsibilities
- Own day-to-day operation of Liftoff's SIEM (Panther) — log source ingestion, detection content, and the alert investigation pipeline.
- Lead Liftoff's adoption of AI-augmented SOC tooling (e.g. Prophet, Dropzone, or equivalent) as a multi-year modernization investment.
- Triage incoming security alerts and drive timely investigation and remediation with stakeholders across Engineering and IT.
- Lead incident response — investigation, containment, and post-incident review — and mature processes and runbooks so response becomes predictable and repeatable.
- Build tooling and automation that detects active threats, enriches alerts, and reduces manual investigation toil.
- Partner with Engineering and IT to make detection and response self-service where possible — clear log-onboarding paths, documented detection proposals, accessible runbooks.
- Close the feedback loop between the team's offensive and proactive findings and detection coverage.
- Partner across the security team on cloud, infrastructure, and application security work.
- Participate in the Security team's on-call rotation and incident response.

## Requirements
- 5+ years in security engineering, security operations, detection engineering, or software engineering with a security focus.
- Hands-on production SIEM operation — onboarding log sources, writing and maintaining detection content, and triaging alerts.
- Write production-quality code for security automation and detection-as-code.
- Experience leading or substantially contributing to security incident response.
- Strong technical writing — design docs, runbooks, and post-incident reviews.
- Demonstrated judgment in prioritizing security work using a risk-based approach.
- Ability to quickly navigate large, unfamiliar codebases and reason about complex engineering systems.
- Excellent verbal communication.
- Willing to participate in an on-call rotation.

## Nice-to-Haves
- Hands-on experience with an AI-augmented SOC platform (Prophet Security, Dropzone AI, or equivalent), or with building large language model (LLM) augmented investigation and runbook tooling.
- Experience operating in cloud environments at scale.
- Cloud incident response experience, particularly in AWS.
- Endpoint forensics for incident response on Mac and/or Linux.
- Detection-as-code workflows in continuous integration and deployment (CI/CD) pipelines.
- Mobile adtech or high-volume SaaS background.

## Similar roles

- [Endpoint Security Engineer](https://hotfix.jobs/jobs/e9f904e5-b1d3-4a26-b61e-06c5e375ab90) - Crusoe - San Francisco, CA - $170k – $205k/yr
- [Software Engineer, Trust & Safety](https://hotfix.jobs/jobs/7d005694-1f26-43da-8d18-cb58960d2d1e) - Suno - San Francisco, CA - $170k – $240k/yr
- [Vulnerability Automation Engineer](https://hotfix.jobs/jobs/1a05493d-ddf1-4123-8eaa-22774b293d93) - Lumin Digital - Remote - $170k – $190k/yr
- [Software Engineer, Security Infrastructure](https://hotfix.jobs/jobs/10bace96-4568-4b74-8991-363cb538257c) - Siftstack - Marina del Rey, CA - $170k – $220k/yr
- [Incident Response Security Engineer](https://hotfix.jobs/jobs/d002a19f-a1ab-4434-977e-b1a71be0e1c8) - Clickhouse - Remote - $169k – $225k/yr

**Apply:** https://hotfix.jobs/jobs/28f93e48-86dd-4627-a850-c2fe4fa0a170
**Canonical:** https://hotfix.jobs/jobs/28f93e48-86dd-4627-a850-c2fe4fa0a170