Senior Security Engineer focused on building detection systems, incident response automation, and maturing telemetry pipelines across cloud environments. Requires 5+ years in detection engineering or security operations and production-grade coding skills.
238k – 297k
On-site5+ YOESecurity Engineering
About the role
Responsibilities
Engineer, test, and deploy detection logic across cloud and enterprise environments, treating detections as software with version control, peer review, and measurable performance.
Build and maintain incident response automation, runbooks, and tooling that reduce containment timelines without sacrificing developer velocity.
Mature telemetry pipelines through improved schema design, normalization, enrichment, and quality checks that reduce false positives and increase signal fidelity.
Perform digital incident investigations to identify and contain potential security breaches.
Conduct digital forensics and malware analysis to understand attack vectors and adversary methodologies.
Integrate alerting with messaging and ticketing systems to enable fast, traceable response workflows.
Partner cross-functionally with IT, security, and engineering teams to harden identity and access patterns, close logging and forensics gaps, and implement maintainable guardrails that scale with the organization.
Utilize threat intelligence platforms to improve hunting, detection, and response workflows.
Clearly explain the significance and impact of incidents, providing actionable recommendations to both technical and non-technical stakeholders.
Requirements
5+ years of experience in Detection Engineering, Incident Response, or Security Operations, with a strong emphasis on building and shipping security tooling and automation.
Proficiency in at least one programming language (e.g., Python, Go) and comfort writing production-grade code.
Hands-on experience designing or improving detection pipelines, SIEM content, and alerting workflows in cloud-native environments.
Practical experience with SIEM, EDR, and SOAR tools, with a preference for candidates who have built integrations or extended these platforms programmatically.
Strong understanding of modern cyber threats, common attack techniques, and adversary TTPs.
Familiarity with digital forensics tools and malware analysis techniques.
Experience with cloud-native environments (e.g., AWS, GCP, Azure) and the security telemetry those environments generate.
Exposure to threat intelligence platforms and integrating intel into detection and investigation workflows.
Strong communication skills, with the ability to translate complex security findings into clear business impact.
Secures large cloud environments (AWS, Azure, GCP), orchestrates and secures compute/GPU clusters, and reviews infrastructure as code like Terraform. Requires expertise in cloud security, Kubernetes, NodeJS/TypeScript, and IaC tools.
Conducts deep investigations into sophisticated threat actors misusing AI models and targeting OpenAI, leveraging OSINT, telemetry, and scripting to identify disruptions. Builds scalable tooling and automations to enhance detection and safety, partnering cross-functionally for impact.
234k – 385k
RemoteSecurity Engineering
Application Security Engineer
RetoolSan Francisco, CA
Application Security Engineer identifies systemic security gaps, builds tooling and automation like custom linters and static analysis, conducts code reviews and threat modeling, and drives vulnerability remediation in a TypeScript/Python codebase. Requires 5+ years hands-on AppSec experience and strong engineering depth.
232k – 318k
On-site5+ YOESecurity Engineering
Technical Abuse Investigator
OpenAISan Francisco, CA +1
Investigates and disrupts malicious use of OpenAI's AI platform using complex datasets and technical tools. Builds scalable solutions like SQL/Python pipelines to enhance team efficiency; requires 5+ years abuse investigation experience and technical projects.
Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.