Security Engineer, Detection and Response
Build and operate detection systems for cloud, identity, endpoints, and SaaS. Design high-signal detections, improve detection platforms, and participate in incident response.
Build and own core components of KYA (Know Your Agent), a cryptographic identity substrate for AI agents using verifiable credentials, JWS, OAuth, and Merkle logs. Requires production experience shipping cryptographically correct identity systems in Python and Go.
Build and operate detection systems for cloud, identity, endpoints, and SaaS. Design high-signal detections, improve detection platforms, and participate in incident response.
Lead and develop a team of GRC subject matter experts responsible for the lifecycle, quality, and product integration of Vanta's security and compliance frameworks. Own end-to-end framework release processes while partnering with Product and Engineering.
Lead design and implementation of security foundations including access governance, RBAC/ABAC, secrets management, and agent permissions for AI platforms. Partner with teams to embed secure practices while maintaining velocity; requires hands-on coding and production security experience.
Leads security architecture for a multi-tenant SaaS platform, defining vision, mentoring engineers, conducting reviews, and managing risks. Requires 8+ years in security engineering, technical leadership, and cloud-native expertise, especially GCP.
Senior Security Engineer owning risk identification, threat modeling, vulnerability management, and secure architecture projects. Partners with engineering to build security culture and tools while minimizing operational friction. Requires independent ownership, software development experience, and strong collaboration skills.