Build and operate detection systems for cloud, identity, endpoints, and SaaS. Design high-signal detections, improve detection platforms, and participate in incident response.
230k – 260k/yr
Hybrid6+ YOESecurity Engineering
About the role
What You'll Achieve
Design and maintain high-signal detections across cloud, identity, endpoints, and SaaS environments.
Build and improve the detection platform, including rule lifecycle management, tuning, measurement, and rollout safety.
Develop tooling and automation that accelerate triage, enrichment, investigation, and detection authoring, including LLM-based workflows where useful.
Translate threat intelligence and adversary TTPs into durable detections, telemetry requirements, and response improvements.
Participate in investigations, incident response, and postmortems that drive long-term security improvements.
Define and track key metrics such as coverage, MTTD, and alert quality to guide investment decisions.
Participate in a shared on-call rotation for incident response.
Skills You'll Need to Bring
6+ years of experience in detection engineering, security operations, incident response, or threat hunting.
Built and operated production detections with strong signal quality and sustainable tuning processes.
Fluent in one or more detection languages such as Sigma, KQL, SPL, YARA-L, EQL, or Panther.
Offensive security mindset with experience leading purple team, blue team, or adversary emulation exercises that improved detections and telemetry.
Strong cloud security experience in AWS, GCP, or Azure, including identity-focused attack detection.
Hands-on with SIEM, EDR, and SOAR platforms in large-scale environments.
Communicate clearly through design docs, runbooks, and incident reports, and can drive projects independently.
Nice to Have
Experience applying LLMs or agent-style tooling to security workflows.
Experience securing AI-enabled systems or endpoint tooling.
Kubernetes or container detection experience.
Background in threat intelligence, malware analysis, or digital forensics.
Contributions to the detection engineering community through research, tooling, or talks.
Experience at a high-growth startup or AI company.
Build and own core components of KYA (Know Your Agent), a cryptographic identity substrate for AI agents using verifiable credentials, JWS, OAuth, and Merkle logs. Requires production experience shipping cryptographically correct identity systems in Python and Go.
230k – 340k/yr
Hybrid5+ YOESecurity Engineering
Manager, GRC Subject Matter Experts, Product
VantaUnited States
Lead and develop a team of GRC subject matter experts responsible for the lifecycle, quality, and product integration of Vanta's security and compliance frameworks. Own end-to-end framework release processes while partnering with Product and Engineering.
230k – 311k/yr
Remote7+ YOESecurity Engineering
Security Engineer - Tech Lead
Luma AIPalo Alto, CA
Lead design and implementation of security foundations including access governance, RBAC/ABAC, secrets management, and agent permissions for AI platforms. Partner with teams to embed secure practices while maintaining velocity; requires hands-on coding and production security experience.
230k – 360k/yr
HybridSecurity Engineering
Security Architecture Lead
ReplitFoster City, CA
Leads security architecture for a multi-tenant SaaS platform, defining vision, mentoring engineers, conducting reviews, and managing risks. Requires 8+ years in security engineering, technical leadership, and cloud-native expertise, especially GCP.
228k – 363k/yr
Hybrid8+ YOESecurity Engineering
Senior Security Engineer
VantaUnited States
Senior Security Engineer owning risk identification, threat modeling, vulnerability management, and secure architecture projects. Partners with engineering to build security culture and tools while minimizing operational friction. Requires independent ownership, software development experience, and strong collaboration skills.