Skip to content
WriterWriterSan Francisco, CA

Security engineer, detection and response (US)

Builds and implements detection systems and automated responses for AI-specific threats like prompt injection and model extraction on distributed GPU infrastructure. Leads incident response, proactive threat hunting, and cross-team security coordination with 3-5+ years in security operations.

200k – 240k/yr
Hybrid3+ YOESecurity Engineering

About the role

What you’ll do

  • Design and implement detection strategies that identify AI-specific threats including prompt injection, model extraction, data poisoning, adversarial examples, and unauthorized access to training datasets or model weights across our distributed infrastructure
  • Build automated response playbooks and orchestration workflows that contain threats without human intervention, creating self-healing security systems that reduce mean time to response from hours to minutes while automatically remediating compromised inference endpoints
  • Lead security incident response coordination across all teams (Cloud, AppSec, Enterprise, AI Security) when AI infrastructure or models are compromised, conducting forensic investigations on training pipeline attacks and model manipulation attempts while drafting clear incident communications for engineering and executive leadership
  • Hunt proactively for sophisticated threats across GPU clusters and training infrastructure by analyzing model outputs for signs of compromise, reproducing AI-specific vulnerabilities from security research, and identifying visibility gaps in distributed training environments before adversaries exploit them
  • Build detection-as-code frameworks with version control and automated deployment, onboard telemetry from AI training infrastructure and inference endpoints, and create dashboards that track model security metrics, GPU utilization patterns, and access to sensitive research data
  • Collaborate cross-functionally as the operational security partner for all teams – translating AI Security's threat research into production detections, monitoring Cloud Infrastructure's GPU clusters for threats, detecting customer-impacting incidents for Software Security Engineering, and enabling responsible AI development through security guardrails
  • Maintain 24/7 on-call rotation for critical AI security incidents, responding to real-time threats targeting our platform while continuously improving detection coverage and automation capabilities as our AI systems evolve

What you need

  • 3-5+ years in security operations, detection engineering, or incident response with a proven track record of identifying and stopping sophisticated attacks in production environments, specifically securing AI/ML infrastructure, high-performance computing environments, or other distributed systems at scale
  • Strong programming skills in Python, KQL, SPL, or similar languages that allow you to build custom detection logic, automate response workflows, and create tools that operationalize security at scale across cloud-native and distributed computing environments
  • Experience with SIEM platforms, detection technologies, and forensic investigation techniques with demonstrated ability to build detection for novel attack techniques that don't have established patterns yet and to conduct forensics in complex distributed environments
  • Self-directed execution mindset with a track record of securing high-value intellectual property, automating incident response in complex environments, and identifying critical security gaps through proactive threat hunting before they become incidents

Benefits & perks (US Full-time employees)

  • Generous PTO, plus company holidays
  • Medical, dental, and vision coverage for you and your family
  • Paid parental leave for all parents (16 weeks)
  • Fertility and family planning support
  • Early-detection cancer testing through Galleri
  • Flexible spending account and dependent FSA options
  • Health savings account for eligible plans with company contribution
  • Annual work-life stipends for: Wellness stipend for gym, massage/chiropractor, personal training, etc. Learning and development stipend
  • Company-wide off-sites and team off-sites
  • Competitive compensation, company stock options and 401k

Skills

PythonKqlSplSIEMDetection EngineeringIncident ResponseThreat HuntingGpu ClustersAi/Ml SecurityCloud-Native EnvironmentsForensic InvestigationDetection-As-CodeTelemetryDashboards
Nooks

Security Engineer

NooksSan Francisco, CA

Second Security Engineer at Nooks.ai, securing an AI-native sales platform and its AI agents. Own threat modeling, secure SDLC, cloud hardening, compliance (SOC 2), and novel AI security challenges (guardrails, prompt injection). Requires 4-5+ years in infosec with strong app/cloud security fundamentals; startup experience preferred.

200k – 315k/yr
Hybrid5+ YOESecurity Engineering
Decagon

Platform Engineer, Security

DecagonSan Francisco, CA

Lead application security strategy and implementation for Decagon's conversational AI platform. Partner with engineering teams to build security into AI-powered applications and establish testing programs.

200k – 330k/yr
On-site3+ YOESecurity Engineering
Notion

Software Engineer, Trust

NotionSan Francisco, CA +1

Builds authentication, security features, and AI-powered risk detection systems to ensure user trust and safety at scale. Requires 5-8 years experience in trust/safety/security with cross-functional collaboration.

200k – 280k/yr
Hybrid5+ YOESecurity Engineering
Thinking Machines Lab

Infrastructure Engineer, Security

Thinking Machines LabSan Francisco, CA

Owns and evolves security infrastructure across compute, storage, networking, and data platforms for foundation models. Architects secure patterns, manages identities/secrets, builds threat models, and automates security checks in Kubernetes/cloud environments. Requires strong systems programming and infra experience.

200k – 475k/yr
On-siteSecurity Engineering
Decagon

Security Engineer

DecagonSan Francisco, CA

Build and scale security foundations for Decagon's AI customer experience platform, implementing controls, tooling, detection pipelines, and partnering with engineering teams. Requires 3+ years security engineering with strong coding skills and cloud experience, ideally Google Cloud; onsite in San Francisco.

200k – 330k/yr
On-site3+ YOESecurity Engineering