Security Engineer, Insider Threat Detection & Response

About Our TeamAt OpenAI, our commitment to security is integral to our mission of ensuring that artificial general intelligence serves the betterment of humanity.Our dedicated Security team safeguards OpenAI's innovative technology, workforce, and products. We emphasize a technical yet operational approach, supporting all research and products across the organization. Our core principles include prioritizing impactful security measures, empowering researchers, preparing for future technologies, and cultivating a robust security culture.About This OpportunityAs a Security Engineer specializing in Detection and Response, you'll collaborate with our talented engineers and researchers to build, manage, and secure groundbreaking AI technologies. Your role will encompass all facets of Detection & Response, contributing as a versatile generalist within the Security team. Key responsibilities include:Lead initiatives across various security domains including Application Security, Infrastructure Security, Offensive Security, and Detection and Response.Innovate solutions to address emerging security challenges.Collaborate on pioneering AI research and leverage AI to enhance OpenAI’s security posture.This position may be based in San Francisco, CA, Seattle, WA, or New York City, NY. We adopt a hybrid work model, requiring three days in the office per week, and provide relocation assistance for new hires.Your Contributions Will Include:Innovating and enhancing Detection and Response infrastructure.Developing tools for the management of detection rule lifecycles.Creating, measuring, and refining detection rules for effective and sustainable operations.Automating manual response workflows.Ensuring visibility and management of OpenAI’s endpoint fleet (macOS, Windows).Driving advancements in identity access management (IAM), device management, and our utilization of public cloud services (e.g., AWS, Microsoft Azure).You Will Excel in This Role If You Have:Experience in cybersecurity or a related field.Familiarity with Microsoft Azure and/or other cloud infrastructure platforms.Strong problem-solving skills and a passion for security innovation.

Be a Part of Transforming the Financial Landscape.At Robinhood, our mission is to make finance accessible to everyone. With an estimated $124 trillion set to be passed down to younger generations over the next two decades, we are positioned at the forefront of this monumental transfer of wealth. If you are eager to contribute to this pivotal shift in the financial system, we encourage you to apply.About Our Team and the RoleWe are assembling a top-tier team dedicated to leveraging cutting-edge technologies to tackle the most pressing challenges in finance. We seek innovative thinkers, adept problem-solvers, and builders committed to making a lasting impact. Robinhood is a dynamic workplace that values ambition and hard work, ensuring our team members are rewarded for their contributions. Our high-performance culture is grounded in ethics and integrity.The Security Operations (SecOps) team plays a vital role in protecting Robinhood and our users by identifying, investigating, and mitigating security threats. Our team monitors production systems, endpoints, and cloud environments while employing threat intelligence and structured testing to proactively identify risks. We collaborate closely with engineering and infrastructure teams to enhance detection and response capabilities. Our commitment is unwavering: to minimize risks, enhance visibility, and uphold customer trust every day!As a Security Engineer specializing in Detection & Response, you will bolster Robinhood's capacity to detect, analyze, and manage security incidents. Your responsibilities will include designing and refining detection logic, evaluating security telemetry from cloud and endpoint systems, and driving tangible improvements in reducing false positives and detection gaps. You will collaborate with SOC analysts and security engineers to optimize investigation workflows and document findings. This position is perfect for someone passionate about hands-on detection engineering and eager to enhance team responses to real-world security threats!This position is located in our Menlo Park, CA office, with in-person attendance required at least 3 days per week.At Robinhood, we value the benefits of in-person collaboration to accelerate progress, foster innovation, and build a strong community. Our office environment is designed to be intentional, invigorating, and supportive of high-performing teams.

WorkOS provides APIs and developer tools that help companies meet enterprise requirements for authentication, identity management, and authorization. The platform supports developers scaling their products securely for large organizations. WorkOS is trusted by leading AI companies, including OpenAI, Cursor, Perplexity, Vercel, and Plaid, and is backed by investors such as Meritech, Sapphire, Greenoaks, Craft, Abstract, and Audacious. Following a $100M Series C, the company now holds a $2B valuation. Security is central to WorkOS’s mission. The Security team safeguards the data and identities of millions, maintaining customer trust as a core priority. Team members collaborate closely, drawing on practical engineering experience and real-world knowledge of system attacks and defenses. The group covers product security, cloud security, and Governance, Risk, and Compliance (GRC), and works with a Managed Detection and Response (MDR) provider for continuous monitoring and response. Role overview The Security Engineer - Detection & Response will help advance detection and response capabilities at WorkOS. The company has already established foundational security telemetry across SIEM, EDR, cloud, and identity platforms. The next phase involves building custom detections, developing alerting pipelines, conducting thorough incident investigations, and expanding coverage across both corporate systems and the core product platform. What you will do Lead detection engineering and incident response activities Design and improve threat detections across WorkOS infrastructure and corporate environments, with plans to extend to the product platform Collaborate closely with the MDR team to strengthen security operations Drive threat hunting initiatives and help mature internal security processes

About Scribd:At Scribd Inc., we ignite curiosity and foster a vibrant ecosystem of stories and knowledge. Our mission is to democratize access to ideas and empower collective wisdom through our innovative platforms: Everand, Scribd, Slideshare, and Fable. Join us as we create an inclusive environment where creativity and collaboration thrive.We believe in cultivating a culture where authenticity and boldness flourish—encouraging open discussions and commitment to our goals while embracing the unexpected. Every team member is empowered to prioritize customer needs and take meaningful actions.Our flexible work policy, Scribd Flex, enhances individual work styles while fostering community connections. We encourage team members to collaborate intentionally through in-person moments, regardless of their location.We're looking for team members who embody "GRIT"—a blend of passion and perseverance towards long-term objectives. We seek individuals who can set and achieve Goals, deliver Results, offer Innovative solutions, and positively impact the Team's culture through collaboration.Role OverviewAs a Senior Security Engineer on our Infrastructure Security team, you'll play a crucial role in safeguarding our applications, platforms, and users. As we scale, we're enhancing our Detection & Response capabilities, transitioning towards a time-based security model that prioritizes speed, signal quality, and resilience as core design principles.

Join cape as a Senior Security Engineer specializing in Detection and Response, where you will play a crucial role in safeguarding our digital assets. In this fully remote position, you will leverage your expertise to enhance our security posture, proactively identifying and mitigating threats. Collaborate with cross-functional teams to develop effective security solutions and respond to incidents with agility and precision.

Join xAI as a Senior Security Engineer / Analyst to lead our security threat management initiatives. In this pivotal role, you will oversee the identification and management of potential security incidents, collaborating closely with partner teams on known or suspected threats. Your expertise will enhance our threat intelligence, threat hunting, incident response, and intrusion detection efforts, ensuring we adhere to and advance industry best practices.

Join Klaviyo as a Senior Security Engineer specializing in Detection and Response. In this critical role, you will be at the forefront of safeguarding our systems and data, ensuring our clients' security. Collaborate with talented professionals in a dynamic environment where your expertise will directly impact our security posture.

Senior Lead for Detection and Response in Security OperationsSan Carlos, CA (on-site)About 1XAt 1X, we are at the forefront of innovation, developing humanoid robots that collaborate with humans to address labor shortages and foster abundance across various industries.Role OverviewIn the capacity of Senior Lead for Detection and Response, you will take charge of 1X's comprehensive detection strategy, encompassing centralized logging, SIEM architecture, and the implementation of a high-efficiency 24/7 SOC/MDR operational model. This role demands a hands-on leader who is adept at managing the entire detection loop—from logging and incident response to ongoing enhancements. You will engineer scalable systems, mitigate alert fatigue, and ensure dependable responses during critical situations. Your contributions will significantly bolster 1X's proficiency in detecting, managing, and learning from security incidents as our organization continues to expand.Your ResponsibilitiesEstablish and manage the entire detection lifecycle, including log collection, normalization, detection engineering, triage, response, and post-incident analysis.Oversee centralized logging across cloud infrastructures, endpoints, identity systems, networks, and essential SaaS platforms.Drive the SIEM strategy, incorporating new data sources, parsing, tuning, detection engineering, routing logic, and executive-level dashboards.Develop and maintain a 24/7 SOC/MDR partnership, outlining requirements, playbooks, SLAs, escalation pathways, and quality benchmarks.Implement incident readiness programs, including runbooks, tabletop exercises, evidence capture protocols, and post-incident improvements.Minimize alert noise while enhancing detection signals through continuous tuning and risk-based alerting practices.Lead investigations, focusing on triage, containment, root cause analysis, and the facilitation of post-mortem assessments.Pinpoint and address detection gaps with measurable advancements in detection and containment timelines.

Join our dynamic Security Engineering team as a Senior Security Engineer specializing in Detection and Incident Response. In this pivotal role, you will blend the realms of security operations and software engineering, not only investigating incidents but also developing the systems that detect, contain, and prevent them. Your contributions will involve designing and deploying high-precision detection mechanisms across cloud services and enterprise SaaS platforms, crafting automation to expedite response times, and enhancing telemetry pipelines essential for robust security measures.Your expertise in coding will be as vital as your incident triaging skills. You will structure investigations, analyze root causes, and clearly communicate the implications of security incidents to both technical and non-technical stakeholders. Additionally, you'll leverage these insights to drive lasting engineering improvements, resulting in better detections and smarter automation.

Join xAI as a Detection & Response Engineer, where you'll play a pivotal role in securing our cutting-edge AI technologies and cloud-native infrastructure. In this dynamic position, you will monitor, investigate, and respond to security incidents, ensuring the integrity and protection of sensitive data. Your expertise will be crucial in developing detection strategies and collaborating with cross-functional teams to enhance our security posture.

1Password is experiencing unprecedented growth. With over $400M in ARR, we continue to thrive, proudly earning recognition on the Forbes Cloud 100 for four consecutive years, and collaborating with esteemed partners like Oracle Red Bull Racing and the Utah Mammoth.About 1PasswordAt 1Password, we are committed to laying the groundwork for a secure and productive digital landscape. Our mission is to enhance employee productivity while safeguarding security, ensuring every identity is verified, every application login is secure, and every device is trusted. We have revolutionized the market with our leading enterprise password manager and introduced Extended Access Management, a groundbreaking cybersecurity category tailored for today’s workforce and AI collaborations. As one of the most trusted brands in cybersecurity, we prioritize a human-centric strategy in all aspects, from product development to user experience. Over 180,000 businesses, ranging from Fortune 100 companies to cutting-edge AI innovators, rely on 1Password to securely embrace the SaaS and AI tools that empower their teams to deliver exceptional results.If you are passionate about enhancing the digital security of millions, eager to collaborate with a team of inquisitive and motivated professionals, and excited to tackle complex challenges within a fast-paced, dynamic environment, we want to hear from you. Join us in shaping a safer, more streamlined digital future.At 1Password, security is not merely a feature; it is our foundation. The mission of our Security Operations team is to safeguard our business by ensuring that the systems, tools, and processes that fuel our operations are secure. We strive to keep 1Password productive, robust, and secure through proactive monitoring, rapid response, and a commitment to continuous enhancement of our preventative and detective controls.As a Senior Security Engineer on the Detection & Response team, you will be instrumental in identifying, investigating, and addressing security threats impacting 1Password. You will enhance our detection capabilities, manage complex security incidents, and refine the systems and processes that facilitate effective security operations. This role offers significant impact, ownership, and the opportunity to influence the scaling of detection and response measures.This position reports directly to the Manager of Detection & Response.What you will do:Develop, implement, and continuously refine threat detection mechanisms across 1Password’s infrastructure, products, internal tools, and corporate environments.

Join Klaviyo as a Senior Security Engineer specializing in Detection and Response, where your expertise will be pivotal in safeguarding our systems and data. As a key member of our security team, you will leverage your skills to identify threats, respond to incidents, and strengthen our security posture.

Join Klaviyo as a Senior Security Engineer specializing in Detection and Response, where you will play a pivotal role in safeguarding our systems and data. As a key member of our security team, you will be responsible for developing and implementing advanced detection strategies, responding to security incidents, and enhancing our overall security posture. This is an exciting opportunity to leverage your expertise in cybersecurity to protect our clients and our company.

Role Overview Writer Inc. is hiring a Security Engineer focused on Detection and Response in San Francisco, CA. This position centers on building and maintaining security controls that safeguard the company’s digital assets. What You Will Do Develop and implement security measures to protect systems and data. Collaborate with teams across the company to strengthen security practices. Respond to security incidents and help improve incident response processes. Location This role is based in San Francisco, CA.

At Discord, we empower over 200 million users each month to connect, communicate, and collaborate in their gaming experiences. With more than 90% of our users engaging in video games, our platform serves as a vital hub for gaming communities. Our mission is to enhance the social aspect of gaming by enabling seamless interactions among players before, during, and after gameplay.Discord is dedicated to fostering a sense of belonging for all users. Our commitment to security and privacy ensures that communications remain safe and confidential, which is essential to our continued success.We are on the lookout for a talented Senior Detection and Response Engineer to join our dynamic Detection & Response Team (DART). Our team is focused on engineering innovative detection systems, automating response processes, and developing tools to proactively combat threats rather than merely responding to them. If you are passionate about security and enjoy transforming investigative insights into robust automated solutions, we would love to hear from you!

Role Overview Pinterest is hiring a Security Software Engineer II focused on Detection and Response. This role can be based in San Francisco, CA or remote within the US. What You Will Do Develop and refine detection strategies to identify security threats across the Pinterest platform. Implement and improve response protocols to address incidents efficiently. Work closely with teams from different disciplines to spot vulnerabilities and strengthen defenses. Support efforts to reduce incident response times and protect the safety of Pinterest’s user community. Location This position is open to candidates in San Francisco, CA or remote within the United States.

Role overview Benchling is looking for a Detection and Response Engineer in San Francisco, CA. This role focuses on protecting company systems and applications from security threats. The engineer will use experience in incident response and threat detection to help maintain strong security and system integrity.

Role Overview Benchling is hiring a Detection and Response Engineer to help protect digital assets and infrastructure. This role focuses on developing and applying effective detection and response strategies to strengthen cybersecurity across the company. The engineer will work alongside a collaborative team, using technical knowledge to identify and address threats that could affect system integrity and security.

Join us in revolutionizing the data storage industry at Pure Storage! As a Senior Security Operations Manager, you'll be at the forefront of innovative technology, leading a team that is shaping the future of security operations.This is your chance to engage in work that truly matters, as we transform the tech landscape. If you're ready to embrace a world of opportunities and make a significant impact, we invite you to be part of our dynamic team.THE ROLEThe Senior Security Operations Manager for Detection Engineering & Incident Response will spearhead the evolution of Pure’s Security Operations (SecOps) function encompassing Detection Engineering, Threat Intelligence, and Incident Response (CIDR). Your mission will be to revolutionize SecOps into a proactive, intelligence-driven program that effectively mitigates enterprise risk and enhances security across cloud, SaaS, infrastructure, and endpoint environments.This position is pivotal, positioned at the nexus of detection, incident response, threat hunting, attack surface management, and platform security. You will develop and refine a high-signal detection and response system—from telemetry pipelines to actionable alerts—ensuring all detections are aligned with real attacker behaviors and effectively mitigate risk.You will collaborate closely with leaders across Governance, Risk & Compliance (GRC), Product Security, Infrastructure, Identity and Access Management (IAM), and Engineering to operationalize risk-informed detections, enhance incident response processes, and drive quantifiable improvements in our security posture.WHAT YOU’LL DOLead and enhance Detection Engineering and CIDR functions, focusing on threat detection, response workflows, incident triage, and automation.Create and sustain a detailed detection inventory categorized by threat type, log source, MITRE mapping, and detection method.Drive continuous validation through red team, purple team, and atomic testing.