Skip to content
ArenaArenaSan Francisco, CA

Security Engineer, Anti-Abuse

Builds detection, enforcement, and investigation systems to protect AI evaluation platform from abuse, bots, sybils, rating manipulation, and AI-specific harms like jailbreaks. Requires 6+ years production engineering under adversarial conditions, strong SQL, backend proficiency.

Salary not listed
Hybrid6+ YOESecurity Engineering

About the role

Responsibilities

  • Own the abuse vision for Arena: what gets detected, what gets enforced, how fast, and with what false-positive budget
  • Design and operate detection for bots, sybils, coordinated inauthentic voting, and rating-system manipulation
  • Build enforcement primitives (rate limits, challenges, shadowbans, account actions, model-side refusals) that are reversible, auditable, and humane
  • Detect and mitigate inference abuse and cost exploitation at the platform layer
  • Build jailbreak and multi-provider misuse detection across the models Arena serves, and partner with model-provider trust & safety teams on signal-sharing and escalation
  • Scope and implement abuse monitoring for every new product launch — web search, web fetch, live site deployment, and whatever's next — as part of the launch checklist
  • Prototype and mature into production systems of detection, review, and enforcement for the highest-severity harms (CSAM/NCII, violent extremism, self-harm), including the legal reporting pipeline (e.g., NCMEC)
  • Build internal investigator tooling so policy, on-call, and future T&S analysts can triage incidents without engineering bottleneck
  • Partner with Security on shared surface — account takeover, credential stuffing, API-key abuse, and the identity/behavioral-signal platform
  • Partner with policy, legal, and leadership on acceptable-use policy, enforcement escalations, and public-integrity narrative

Requirements

  • 6+ years of production software engineering experience, including building and operating systems under adversarial conditions
  • Shipped experience in at least one of: trust & safety, anti-abuse, anti-fraud, anti-spam, integrity, or risk engineering
  • Strong SQL and data-analysis skills — this role is 30%+ pattern-finding and investigation, not just shipping code
  • Adversarial and investigative mindset — you can articulate a novel attack before designing the defense, and follow evidence when a novel harm surfaces
  • High judgment on false-positive cost, user harm, and the reversibility of enforcement actions
  • Proficiency in a modern backend language (Node.js, TypeScript, Python, or Go)
  • Excellent communication — you'll build alignment with engineering, product, policy, and leadership routinely

Nice-to-Haves

  • Experience with LLM-specific adversarial inputs — jailbreaks, direct and indirect prompt injection, tool-use abuse
  • Experience with agent safety, browser-automation abuse, or LLM-API abuse
  • Background in securing voting, rating, reputation, or marketplace platforms against coordinated manipulation
  • ML or ML-systems experience — feature engineering, online/offline evaluation, label acquisition, drift handling
  • Experience building investigator or analyst tooling used by non-engineers
  • Contributions to open-source trust & safety, abuse-detection, or adversarial-ML work
  • Background in gaming integrity, ad-fraud, or financial-crime engineering at scale

Skills

SQLNode.jsTypeScriptPythonGoLlm SecurityJailbreak DetectionBot DetectionSybil DetectionData Analysis
Snowflake

Senior Software Engineer

SnowflakeBellevue, WA +1

Senior Software Engineer building Snowflake's core identity, access management, and AI-native security infrastructure for the Data Cloud. Design secure agent workflows, IAM systems, encryption, and policy enforcement tooling at massive scale.

200k – 288k/yr
Hybrid5+ YOESecurity Engineering
Anthropic

Software Security Engineering Manager, Secure Frameworks

AnthropicSan Francisco, CA +1

Lead the Secure Frameworks Research team at Anthropic to build high-leverage security libraries and frameworks (cryptographic, serialization, authorization) that prevent vulnerabilities in AI model development. Manage engineers, drive adoption across teams, and balance security rigor with development velocity; requires 5+ years security/software engineering and 3+ years managing security teams.

405k – 485k/yr
Hybrid8+ YOESecurity Engineering
Forus

Founding Security Engineer

ForusNew York, NY

Founding Security Engineer owning cloud (AWS/GCP), product, AI data, detection/response, and compliance (HIPAA/SOC 2) for a healthcare AI platform handling PHI at scale. Requires 7+ years security engineering on strong SWE foundation, hands-on IaC, and multi-domain expertise.

Salary not listed
On-site7+ YOESecurity Engineering
Flexport

Manager, Supply Chain Protection & Loss Intelligence

FlexportMiami, FL

Manager responsible for global supply chain protection, loss prevention, and physical security programs at Flexport. Oversees 50+ security officers, electronic systems (CCTV/access control), data-driven investigations, policy/SOP authoring, and new facility stand-up across offices and fulfillment centers.

Salary not listed
On-site8+ YOESecurity Engineering
Crusoe

Physical Security Manager

CrusoeDallas, TX

Lead day-to-day operations of Crusoe's 24/7 Global Security Operations Center (GSOC), overseeing monitoring, incident response, intelligence, and crisis management to protect facilities and infrastructure. Requires experience building high-performing teams, driving operational maturity, and ensuring compliance in a fast-growing environment.

Salary not listed
On-site7+ YOESecurity Engineering