Skip to content
SupabaseSupabaseUnited States

Anti Abuse Engineer

Build and operate abuse detection and response systems at scale for Supabase's multi-tenant platform. Triage signals, lead incidents, tune detection logic, and automate remediation using SQL and Python.

Salary not listed
Remote3+ YOESecurity Engineering

About the role

What You’ll Own

Abuse Detection & Signal Triage

  • Monitor inbound abuse signals across platform telemetry, HackerOne reports, support queues, and internal alerting pipelines
  • Triage abuse cases end-to-end, assessing severity and blast radius, classifying actor types, and routing to the correct response track
  • Own the abuse case queue with clear SLAs to ensure no active threats age out without a definitive decision
  • Identify complex patterns across distinct cases that point toward coordinated campaigns or emerging attack techniques

Incident Response & Remediation

  • Lead response efforts for active abuse incidents, coordinating closely with Platform and Infrastructure teams to execute containment actions and drive remediation to closure
  • Write clear, timely communications to affected users and internal stakeholders throughout the lifecycle of an incident
  • Conduct thorough post-incident reviews, feeding findings back into detection rules, runbooks, and platform controls
  • Maintain and improve incident runbooks to ensure response execution is consistent, scalable, and reproducible across time zones

Detection Engineering & Automation

  • Build and tune detection logic against platform telemetry and Supabase-native data sources, including Postgres query patterns, Edge Function invocations, auth anomalies, and storage abuse
  • Automate repetitive triage and response actions to aggressively reduce manual toil, increase response speed, and improve consistency
  • Contribute to the Anti-Abuse Platform architecture, optimizing the blocklist schema, the remediation action ladder (L1–L4), and enforcement pipelines
  • Instrument metrics for detection coverage and alert fidelity, closely tracking false positive rates, detection latency, and remediation time

Tooling & Platform Improvement

  • Maintain and improve the abuse operations toolchain, including case management systems, escalation workflows, and engineering reporting dashboards
  • Partner with Core Engineering to design and implement platform-layer controls that eliminate abuse vectors by design rather than by reactive response
  • Support Supabase for Platforms (SfP) customers by operationalizing the centralized Anti-Abuse platform for enterprise-grade use cases

Requirements

  • 3+ years of experience in a security operations, trust & safety, or abuse-focused engineering role at a cloud-native product or platform company
  • Hands-on experience with detection logic, including writing rules, tuning thresholds, and reducing noise in high-volume, highly complex signal environments
  • Proven ability to run incident response end-to-end (triage, containment, communication, and postmortems)
  • Proficient in SQL and a scripting language (Python heavily preferred) for log analysis, pattern detection, and building automation workflows
  • Deep familiarity with abuse actor techniques, such as credential stuffing, account takeover (ATO), compute abuse, exfiltration, and spam/phishing infrastructure
  • Thrive operating async-first in a globally distributed team — write clearly, default to explicit documentation, and close loops without needing reminders

Nice to Have

  • Experience with Postgres, PostgREST, or Supabase platform internals
  • Prior work building, scaling, or operating a multi-tenant abuse detection or trust & safety platform
  • Familiarity with threat intelligence feeds and IOC enrichment pipelines
  • Exposure to modern SIEM tooling (Scanner.dev, Splunk, Datadog, or similar)
  • Experience triaging and managing HackerOne or Bugcrowd reports at volume
  • Working knowledge of SOC 2, ISO 27001, or similar compliance frameworks

Skills

SQLPythonDetection EngineeringIncident ResponseSIEMThreat IntelligencePostgresPostgrestSplunkDatadog
Forus

Security Program Manager

ForusNew York, NY

Own end-to-end compliance programs (SOC 2, HIPAA, HITRUST), build customer trust function, implement automation, and partner with engineering on controls for a healthcare AI platform handling protected health information.

Salary not listed
On-site4+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k
HybridSecurity Engineering
Zocdoc

Application Security Engineer

ZocdocUnited States

Application Security Engineer partnering with engineering teams to embed security into the SDLC, triage SAST/SCA findings, provide remediation guidance on OWASP issues, maintain security docs/playbooks, support governance/audits, and integrate GenAI tools while building AI governance guardrails.

100k – 140k
RemoteSecurity Engineering
Cloudflare

Detection & Mitigation Engineer

CloudflareUnited States

Security Detections Engineer identifying attacker TTPs, building real-time detections, and mitigating threats/abuse across Cloudflare's global platform using data analysis, SQL, scripting, and threat intelligence. Requires strong analytical and communication skills.

Salary not listed
HybridSecurity Engineering
Mintlify

Security & Compliance Operations Manager

MintlifySan Francisco, CA

Own and run Mintlify's end-to-end security and compliance programs (SOC 2, ISO 27001/42001, GDPR, Microsoft SSPA) as the first dedicated GRC Program Manager. Administer Drata, manage audits/vendors/evidence, handle customer-facing compliance, and coordinate with engineering.

120k – 180k
On-site3+ YOESecurity Engineering