CrawlJobs Logo
OpenAI Logo OpenAI · IT - Software Development

Security Engineer, Detection and Response

United Kingdom; Ireland, London · Job Posted February 21, 2026
Apply Position
Job Link Share

Job Description

As a Security Engineer on Detection & Response, you’ll help protect OpenAI’s most sensitive assets– including our intellectual property, customer data, and the infrastructure that supports them– by building and operating the systems we use to detect suspicious activity and respond effectively when it matters. You’ll work across endpoints, identity, cloud, hyperscale compute infrastructure, and datacenter-adjacent layers, partnering closely with security teams and infrastructure owners to define the telemetry and response requirements we need and building tooling and automation where it delivers the most leverage.

Job Responsibility

  • Build and evolve Detection & Response capabilities across OpenAI’s infrastructure, products, and research environments
  • Engineer detection pipelines and tooling: develop rule lifecycle management, measurement/quality loops, tuning processes, and safe rollout patterns
  • Automate response and investigations by building workflows that reduce toil and improve time-to-understand/time-to-contain
  • Partner with other Security teams and system/infrastructure owners to ensure new systems ship with the right telemetry, threat models, and response playbooks
  • Define D&R requirements and drive visibility across endpoints, identity, SaaS, cloud, Kubernetes
  • Evaluate and respond to emergent security concerns in a frontier AI lab environment

Requirements

  • Have hands-on threat detection and/or incident response experience, including building detections, running investigations, and improving operational playbooks
  • Understand modern adversary tradecraft (TTPs) and can translate it into practical detection strategies and response actions
  • Bring a threat modeling mindset. You can evaluate new infrastructure or features, identify D&R implications and turn that into concrete requirements
  • Have experience working in Kubernetes/containerized environments, including building detections from cluster telemetry and understanding common failure and attack modes
  • Are comfortable reasoning about lower-level infrastructure and datacenter risks, such as firmware/BMC surfaces, network segmentation/telemetry, and hard-to-observe control paths
  • Have experience across major cloud platforms (Azure, AWS, GCP, OCI), and can design cloud-agnostic detection approaches where possible
  • Like building automation that replaces repetitive D&R work
  • Are energized by new problem areas at a forward-leaning technology company
  • Communicate clearly and collaborate well across teams
  • Are comfortable with scripting and enjoy using AI/agent tooling to accelerate investigations and automation
OpenAI - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Security Engineer, Detection and Response

8 matching positions

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
United States
Salary
Salary:
169150.00 - 225000.00 USD / Year
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python
Job Responsibility
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
  • Fulltime
Read More
Arrow Right

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
Canada
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python
Job Responsibility
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
Netherlands
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python
Job Responsibility
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Incident Response Security Engineer

The Security Team is responsible for providing key security capabilities coverin...
Location
Location
United Kingdom
Salary
Salary:
Not provided
clickhouse.com Logo
ClickHouse
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Background in product security / red teaming / penetration testing / threat modeling, combined with incident detection and response experience
  • Strong knowledge of and experience with one or more cloud service providers (e.g. AWS, GCP, Azure)
  • Excellent written and verbal communication skills
  • Experience securing large-scale customer-facing cloud infrastructures
  • Significant development and automation experience
  • preference for Golang and Python
Job Responsibility
Job Responsibility
  • Develop processes, tooling and automation to scale incident management response and mitigate risks to the business
  • Collaborate with other security functions, engineering, product, support, business operations to identify appropriate detection use cases and automation
  • Apply a threat modeling centric approach to incident detection and response
  • Maintain security logging platform
  • Stay up to date with the latest threats, attack vectors to improve our detection mechanisms and attack surface management
  • Handle information security events and incidents across the ClickHouse products and services
What we offer
What we offer
  • Flexible work environment - ClickHouse is a globally distributed company and remote-friendly. We currently operate in 20 countries
  • Healthcare - Employer contributions towards your healthcare
  • Equity in the company - Every new team member who joins our company receives stock options
  • Time off - Flexible time off in the US, generous entitlement in other countries
  • A $500 Home office setup if you’re a remote employee
  • Global Gatherings – We believe in the power of in-person connection and offer opportunities to engage with colleagues at company-wide offsites
Read More
Arrow Right

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Sr. Security Operations Engineer

As a Sr. Security Engineer, you will be responsible for protecting the organizat...
Location
Location
United States , West Point
Salary
Salary:
84410.00 - 129987.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science, Information Systems, or related field, or equivalent experience and certifications
  • Ability to script using Python
  • 7+ years of experience in Security Engineering, including planning and operations
  • Advanced knowledge of security technologies in medium to complex computing environments
  • Hands-on experience with multiple enterprise security technologies (e.g., firewalls, VPNs, intrusion detection/prevention, endpoint security)
  • Strong understanding of server/network architecture and core networking concepts (e.g., routing, DNS, DHCP)
Job Responsibility
Job Responsibility
  • Design and Deploy Security Solutions: Build, test, and implement new security technologies, including creating operational manuals and runbooks
  • Operate and Optimize Security Systems: Maintain and improve existing security tools such as DLP, Antivirus, IPS/IDS, and Endpoint Protection, while automating monitoring and enforcement processes
  • Conduct Risk Assessments and Incident Response: Lead or support technical risk evaluations and respond to security incidents, ensuring thorough remediation and reporting
  • Collaborate and Advise: Work with internal and external stakeholders to identify security needs, recommend solutions, and stay current with evolving technologies
  • Monitor and Report: Continuously monitor infrastructure for threats, produce security reports for senior leadership, and implement changes following established procedures
  • Fulltime
Read More
Arrow Right

Senior Logging & Detection Engineer

We are currently seeking a Senior Logging & Detection Engineer to lead the techn...
Location
Location
Canada , Vancouver; Calgary; Toronto
Salary
Salary:
146200.00 - 197800.00 CAD / Year
clio.com Logo
Clio
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Senior-level expertise building and scaling enterprise-grade detection capabilities and security monitoring systems
  • Expert-level query language proficiency in at least two of the following: Elasticsearch/Lucene, SQL, KQL (Kusto), or SPL (Splunk), demonstrating advanced optimization techniques
  • Extensive Detection Engineering experience owning the full lifecycle of rules, alerts, and automated response workflows within a SIEM/SOAR environment
  • Advanced log analysis skills across diverse, large-scale data sources, including multi-cloud logs (AWS, Azure, GCP), network flows, and advanced security tool outputs
  • Deep dashboard and visualization expertise with tools like Kibana, Grafana, or Tableau, specifically for security metrics and executive reporting
  • Proven expertise in leading threat hunting efforts using log data to proactively identify and track sophisticated threats and anomalous behavior across the environment
  • Senior-level scripting and automation abilities (Python/Go/PowerShell), used to build custom tools, manage APIs, and drive detection automation at scale
  • Architectural experience integrating and optimizing SIEM platforms, SOAR tools, and security orchestration systems
  • Expert performance optimization skills covering query tuning, index design, data partitioning, and overall resource-efficient analytics on big data
  • Significant incident response experience providing expert-level technical analysis and forensic support during major security incidents
Job Responsibility
Job Responsibility
  • Lead the design and implementation of sophisticated, production-ready detection rules and queries across the ELK stack, security data lakes, and multi-cloud logging platforms
  • Architect and optimize complex search queries, aggregations, and analytics dashboards for high-velocity security monitoring, focusing on performance and cost efficiency
  • Design and build automated detection and response workflows (SOAR), ensuring seamless and reliable integration with critical incident response systems
  • Serve as the primary liaison with the threat intelligence team, developing and owning the framework to translate intelligence into scalable, actionable detection capabilities (e.g., MITRE ATT&CK coverage)
  • Establish and maintain a robust detection rule library, query templates, and lead the creation of security analytics playbooks for the wider team
  • Drive performance optimization and resource utilization strategies across petabyte-scale log datasets, including index design and data tiering
  • Develop and standardize custom visualizations, dashboards, and executive reporting capabilities for security stakeholders
  • Lead complex threat hunting operations, mentor junior team members on investigative techniques, and proactively refine detection logic to achieve near-zero false positive rates
  • Collaborate closely with the platform team to define the logging architecture roadmap based on future detection requirements and security observability goals
  • Proactively research emerging threats and attack patterns, translating novel techniques into strategic, forward-looking detection logic and advising security leadership
What we offer
What we offer
  • Top-tier health benefits, dental, and vision insurance
  • Hybrid work environment
  • Flexible time off policy, with an encouraged 20 days off per year
  • $2000 annual counseling benefit
  • RRSP matching and RESP contribution
  • Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years
  • Fulltime
Read More
Arrow Right

Endpoint Security Engineer

The Endpoint Security Engineer is a customer-facing role responsible for ensurin...
Location
Location
Ireland , Galway
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive cyber and IT security expertise including hands-on experience designing and implementing endpoint security controls at scale
  • deep hands-on expertise with a leading EDR platform (e.g. CrowdStrike Falcon, SentinelOne) in an enterprise environment
  • expert-level knowledge of Windows, macOS, and Linux operating systems and security features
  • advanced experience with cloud-hosted endpoints including a strong understanding of core Kubernetes concepts like Pods, Nodes, Namespaces, Deployments, and Daemon Sets
  • proficiency in scripting languages for automation and analysis (e.g., Python, PowerShell, Bash)
  • strong understanding of network protocols and host-based firewalls
  • experience with the technical delivery of projects ensuring successful implementation and deployment
  • fluent in English
Job Responsibility
Job Responsibility
  • Provide expert end-to-end technical troubleshooting for complex issues across Windows, Linux, Mac, and Cloud environments
  • manage the deployment and monitoring of Falcon sensors across various operating systems
  • configure and manage deployment and prevention policy settings
  • work collaboratively with Security Analysts and Incident Responders
  • create and maintain documentation for CrowdStrike configuration, processes, and best practices
  • assist in the overall security strategy for endpoints
  • lead configuration and management of EDR platforms and other enterprise security tools
  • work closely with IT, Network, and System Administration teams to integrate security solutions into the IT infrastructure
  • provide security recommendations for endpoint configuration
  • provide technical support and training to end-users
What we offer
What we offer
  • Comprehensive suite of benefits supporting physical, financial, and emotional wellbeing
  • programs catered to career development
  • unconditional inclusion
  • flexible work environment
Read More
Arrow Right