Liftoff Mobile is a leading AI-powered performance marketing platform for the mobile app economy. They are seeking a Security Engineer to enhance their detection and response function, manage the operation of their SIEM, and collaborate with engineering teams to improve security processes and tooling.
Responsibilities:
- Own day-to-day operation of Liftoff's SIEM (Panther) — log source ingestion, detection content, and the alert investigation pipeline
- Lead Liftoff's adoption of AI-augmented SOC tooling (e.g. Prophet, Dropzone, or equivalent) as a multi-year modernization investment
- Triage incoming security alerts and drive timely investigation and remediation with stakeholders across Engineering and IT
- Lead incident response — investigation, containment, and post-incident review — and mature processes and runbooks so response becomes predictable and repeatable
- Build tooling and automation that detects active threats, enriches alerts, and reduces manual investigation toil
- Partner with Engineering and IT to make detection and response self-service where possible — clear log-onboarding paths, documented detection proposals, accessible runbooks — so security scales without becoming a bottleneck
- Close the feedback loop between the team's offensive and proactive findings and detection coverage
- Partner across the security team on cloud, infrastructure, and application security work alongside your detection and response focus — every engineer on this team covers breadth beyond their primary focus
- Participate in the Security team's on-call rotation and incident response
Requirements:
- 5+ years in security engineering, security operations, detection engineering, or software engineering with a security focus
- Hands-on production SIEM operation — onboarding log sources, writing and maintaining detection content, and triaging alerts
- Ability to write production-quality code for security automation and detection-as-code
- Experience leading or substantially contributing to security incident response
- Strong technical writing — design docs, runbooks, and post-incident reviews
- Demonstrated judgment in prioritizing security work using a risk-based approach
- Ability to quickly navigate large, unfamiliar codebases and reason about complex engineering systems
- Excellent verbal communication
- Willing to participate in an on-call rotation
- Hands-on experience with an AI-augmented SOC platform (Prophet Security, Dropzone AI, or equivalent), or with building large language model (LLM) augmented investigation and runbook tooling
- Experience operating in cloud environments at scale
- Cloud incident response experience, particularly in AWS
- Endpoint forensics for incident response on Mac and/or Linux
- Detection-as-code workflows in continuous integration and deployment (CI/CD) pipelines
- Mobile adtech or high-volume SaaS background