Skip to content
NotionNotionSan Francisco, CA

Security Engineer, Detection and Response

Build and operate detection systems for cloud, identity, endpoints, and SaaS. Design high-signal detections, improve detection platforms, and participate in incident response.

230k – 260k/yr
Hybrid6+ YOESecurity Engineering

About the role

What You'll Achieve

  • Design and maintain high-signal detections across cloud, identity, endpoints, and SaaS environments.
  • Build and improve the detection platform, including rule lifecycle management, tuning, measurement, and rollout safety.
  • Develop tooling and automation that accelerate triage, enrichment, investigation, and detection authoring, including LLM-based workflows where useful.
  • Translate threat intelligence and adversary TTPs into durable detections, telemetry requirements, and response improvements.
  • Participate in investigations, incident response, and postmortems that drive long-term security improvements.
  • Define and track key metrics such as coverage, MTTD, and alert quality to guide investment decisions.
  • Participate in a shared on-call rotation for incident response.

Skills You'll Need to Bring

  • 6+ years of experience in detection engineering, security operations, incident response, or threat hunting.
  • Built and operated production detections with strong signal quality and sustainable tuning processes.
  • Fluent in one or more detection languages such as Sigma, KQL, SPL, YARA-L, EQL, or Panther.
  • Offensive security mindset with experience leading purple team, blue team, or adversary emulation exercises that improved detections and telemetry.
  • Strong cloud security experience in AWS, GCP, or Azure, including identity-focused attack detection.
  • Hands-on with SIEM, EDR, and SOAR platforms in large-scale environments.
  • Communicate clearly through design docs, runbooks, and incident reports, and can drive projects independently.

Nice to Have

  • Experience applying LLMs or agent-style tooling to security workflows.
  • Experience securing AI-enabled systems or endpoint tooling.
  • Kubernetes or container detection experience.
  • Background in threat intelligence, malware analysis, or digital forensics.
  • Contributions to the detection engineering community through research, tooling, or talks.
  • Experience at a high-growth startup or AI company.

Skills

SigmaKqlSplYara-LEqlPantherSIEMEdrSoarAWSGCPAzureThreat HuntingIncident ResponsePurple Teaming
Baselayer

Senior Engineer, Agentic Identity

BaselayerSan Francisco, CA

Build and own core components of KYA (Know Your Agent), a cryptographic identity substrate for AI agents using verifiable credentials, JWS, OAuth, and Merkle logs. Requires production experience shipping cryptographically correct identity systems in Python and Go.

230k – 340k/yr
Hybrid5+ YOESecurity Engineering
Vanta

Manager, GRC Subject Matter Experts, Product

VantaUnited States

Lead and develop a team of GRC subject matter experts responsible for the lifecycle, quality, and product integration of Vanta's security and compliance frameworks. Own end-to-end framework release processes while partnering with Product and Engineering.

230k – 311k/yr
Remote7+ YOESecurity Engineering
Luma AI

Security Engineer - Tech Lead

Luma AIPalo Alto, CA

Lead design and implementation of security foundations including access governance, RBAC/ABAC, secrets management, and agent permissions for AI platforms. Partner with teams to embed secure practices while maintaining velocity; requires hands-on coding and production security experience.

230k – 360k/yr
HybridSecurity Engineering
Replit

Security Architecture Lead

ReplitFoster City, CA

Leads security architecture for a multi-tenant SaaS platform, defining vision, mentoring engineers, conducting reviews, and managing risks. Requires 8+ years in security engineering, technical leadership, and cloud-native expertise, especially GCP.

228k – 363k/yr
Hybrid8+ YOESecurity Engineering
Vanta

Senior Security Engineer

VantaUnited States

Senior Security Engineer owning risk identification, threat modeling, vulnerability management, and secure architecture projects. Partners with engineering to build security culture and tools while minimizing operational friction. Requires independent ownership, software development experience, and strong collaboration skills.

227k – 267k/yr
Remote5+ YOESecurity Engineering