CrawlJobs Logo

Security Engineer, Insider Threat Detection & Response

openai.com Logo

OpenAI

Location Icon

Location:
United States , San Francisco

Category Icon

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

230000.00 - 385000.00 USD / Year

Job Description:

As a Security Engineer you will join our OpenAI engineers and researchers in building, operating and securing transformational AI technologies. This role will focus on all aspects of Detection & Response but with a strong emphasis on detecting insider threats and influencing controls to safeguard OpenAI's most sensitive assets.

Job Responsibility:

  • Innovate on Detection and Response infrastructure to engineer and automate end-to-end detection and investigation workflows
  • Develop, measure, and tune detection rules to ensure effective and sustainable operations
  • Drive projects across OpenAI’s technology stack with a focus on insider threats, ranging from access abuse and intellectual property theft to novel risks emerging within AI infrastructure
  • Partner closely with cross-functional stakeholders, including HR, Legal, and peer investigative teams, providing technical expertise and evidence to support investigations
  • Collaborate on cutting-edge AI research, and use AI to improve OpenAI’s Security posture

Requirements:

  • 5+ years experience working in a detection/response or insider-risk role
  • Broad familiarity with operating systems and platforms such as macOS, Windows, Linux, and Kubernetes, along with experience in cloud infrastructure
  • Knowledge of modern adversary tactics and attack paths, data exfiltration techniques, and have experience running and leading incidents
  • Proficiency with a scripting language (e.g. Python, Bash, PowerShell, or similar)
  • Independently manage and run projects, balance preventative controls with user friction, and prioritize efforts for risk reduction
  • Motivated by securing transformative technology and can adapt familiar security frameworks to new risks in AI infrastructure
What we offer:
  • Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts
  • Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit)
  • 401(k) retirement plan with employer match
  • Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks)
  • Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees
  • 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law)
  • Mental health and wellness support
  • Employer-paid basic life and disability coverage
  • Annual learning and development stipend to fuel your professional growth
  • Daily meals in our offices, and meal delivery credits as eligible
  • Relocation support for eligible employees
  • Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided
  • Offers Equity
  • Performance-related bonus(es) for eligible employees

Additional Information:

Job Posted:
February 21, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Job Link Share:

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Security Engineer, Insider Threat Detection & Response

Senior Detection Engineer

This is a detection engineering role that leverages knowledge of monitoring, ana...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.marriott.com Logo
Marriott Bonvoy
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Sciences or related field or equivalent experience/certification
  • 3+ years of collective experience in Splunk SIEM (Splunk Enterprise Security) threat detection use case development or UEBA (Exabeam) use case development for insider threat use case development
  • 5+ years of experience in security functions such as SOC, CIRT, security engineering, risk management, vulnerability management or technical infrastructure operations, administration, or systems engineering
  • scripting or programming language, including Python
  • Current information security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) preferred
  • offensive and defensive security certifications such as CEH, IGAC Cyber Defense, OSCP or other related certifications preferred
  • Splunk Certification, including Splunk Enterprise Security Certified Admin preferred
  • use case development experience on the Exabeam platform preferred
  • working knowledge of the NIST Cyber Security Framework and ISO/IEC 27001:2022 preferred
  • working knowledge of the MITRE ATT&CK Framework preferred
Job Responsibility
Job Responsibility
  • Lead collaboration sessions within the cyber security tower and other business units to devise security monitoring use cases
  • engage and collaborate with other security engineers and architects as needed to keep pace with the evolution of corporate infrastructure and applications and share that knowledge with peers as appropriate
  • document prospective security monitoring use cases with MITRE ATT&ACK mappings using standard templates and methodologies
  • inform and consult other cyber ops teams of required data onboarding and integrations for use case development
  • develop analytics, correlation searches, dashboards, reports and alerts within the SIEM and UEBA platforms
  • solicit feedback for pre-production security monitoring content through peer review process and user acceptance testing for tuning
  • document developed security monitoring content in a documentation registry using department standard templates and methodologies
  • manage field mapping and transmission of security monitoring alerts to the security incident response platform for SOC analyst consumption as outlined in process documentation
  • provide governance support for the content development function entailing content development standards compliance, change management approvals for SIEM or UEBA content, and lifecycle management of developed security monitoring content
  • service operational requests in queue such as analytics content performance tuning, filtering, search refinement, parsing issues
  • Fulltime
Read More
Arrow Right

Security Engineer - Detection Engineering, Surface Coverage

Meta Security is looking for a Security Engineer with experience in threat model...
Location
Location
United States , Bellevue
Salary
Salary:
122000.00 - 181000.00 USD / Year
meta.com Logo
Meta
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in Detection and Response Engineering or similar Security Engineering role
  • Bachelor's degree or equivalent experience in Cyber Security
  • Experience building complex automations and integrations using Security Orchestration, Automation and Response platforms
  • Experience designing systems used for responding to both external and insider threats
  • Experience analyzing network and host-based security events
  • Knowledge of networking technologies, specifically Transmission Control Protocol (TCP)/Internet Protocol (IP) and the related protocols
  • Knowledge of operating systems, file systems, and memory structures on Windows, MacOS and Linux
  • Coding/scripting experience in one or more general purpose languages
  • Experience with attacker tactics, techniques, and procedures
Job Responsibility
Job Responsibility
  • Lead cross-functional projects to improve our functionalities to effectively detect and respond to security incidents
  • Review security architecture of large-scale custom and commercial systems and under your own initiative propose logging, detection and prevention controls
  • Perform TTP-based Threat Modeling for a wide variety of assets including endpoints, mobile, servers, internal services, public & private cloud environments and networking equipment
  • Perform analysis against logs from a variety of sources (e.g., individual host logs, network traffic logs) to identify potential threats and detection ideas
  • Build response workflows and actions that auto-resolve false positives and provide context scaling our capacity to investigate
  • Support security incident response in a cross-functional environment and drive incident resolution
  • Design and implement attack testing automation to validate detection coverage
  • Build logging pipelines using our custom datasets and infrastructure
What we offer
What we offer
  • bonus
  • equity
  • benefits
Read More
Arrow Right
New

Senior Security Engineer, Threat Intelligence

As a Senior Security Engineer specializing in Threat Intelligence on the Detecti...
Location
Location
United States; Canada
Salary
Salary:
156000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in technical security engineering roles
  • 3+ years focused on threat intelligence
  • Strong understanding of modern attacker TTPs, including cloud-native, SaaS, identity-focused, and insider-adjacent threat patterns
  • Experience developing intelligence requirements, prioritization frameworks, analysis workflows, and emulation scenarios
  • Hands-on experience with scripting or automation (e.g., Python, APIs, SOAR workflows) to improve operational efficiency and cross-team execution
  • Ability to produce concise, high-quality written intelligence, including executive-level summaries
  • Familiarity with security telemetry, logs, and investigative workflows used by detection and response teams
  • Willingness to participate in an on-call rotation and support security incidents during high-severity or off-hours events
Job Responsibility
Job Responsibility
  • Research, track, and assess the threat landscape by analyzing relevant threat actors, campaigns, and behaviors affecting 1Password’s attack surface, identity systems, brand, third-party ecosystem, and insider risk scenarios
  • Analyze and prioritize information to develop actionable intelligence that informs detection coverage, hunting activities, and response readiness
  • Partner with Detection Engineering to design and validate threat-based detections, including through adversary emulation, simulation, or controlled testing
  • Use automation and scripting to improve how threat intelligence is collected, enriched, distributed, and actioned across Security workflows
  • Curate and deliver threat intelligence reporting for both technical teams and executive stakeholders
  • Build and maintain repeatable threat intelligence processes, workflows, and documentation that scale with the Detection & Response program
  • Participate directly in security operations by triaging alerts, supporting investigations, managing incidents, and contributing to post-incident learning
What we offer
What we offer
  • Health benefits
  • Dental benefits
  • 401k/RRSP
  • Generous paid time off
  • Equity grant
  • Participation in incentive programs
  • Maternity and parental leave top-up programs
  • RSU program for most employees
  • Retirement matching program
  • Free 1Password account
  • Fulltime
Read More
Arrow Right
New

Engineer II - Insider Threat

The Engineer II, Insider Threat, is a mid-level technical role within the Cyber ...
Location
Location
United States , Conshohocken; Remote
Salary
Salary:
Not provided
cencora.com Logo
Cencora
Expiration Date
March 13, 2026
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, Behavioral Science, or equivalent work experience
  • Knowledge of insider threat detection methodologies, user activity monitoring, DLP, and investigative practices
  • Familiarity with privacy, compliance, and employment standards (e.g., GDPR, HIPAA, SOX, CCPA)
  • 3–5 years of progressive experience in cybersecurity, investigations, or risk management, with at least 1–2 years dedicated to insider threat or DLP operations
  • Hands-on experience with insider threat monitoring platforms, behavioral analytics, and DLP tools
  • Demonstrated ability to handle confidential investigations with discretion
  • Strong communication and writing skills for documenting findings and Briefing Stakeholders
Job Responsibility
Job Responsibility
  • Monitor and analyze user activity logs, alerts, and behavioral indicators to identify potential insider threats
  • Conduct investigations into moderate-complexity insider threat cases, including data misuse, exfiltration, fraud, and policy violations
  • Administer, monitor, and tune Data Loss Prevention (DLP) technologies to detect and prevent unauthorized movement of sensitive data
  • Investigate and respond to DLP alerts, escalating incidents when necessary with clear documentation and supporting evidence
  • Support the development and refinement of insider threat detection rules, analytics, and use cases
  • Contribute to the creation and improvement of playbooks and investigative workflows, including DLP-related scenarios
  • Collaborate with HR, Legal, and Corporate Security to ensure coordinated responses to insider incidents
  • Document findings and prepare clear reports for management and other stakeholders
  • Share knowledge with Engineer I analysts and contribute to team training efforts
  • Participate in awareness and deterrence initiatives by providing technical input to educational campaigns
What we offer
What we offer
  • medical
  • dental
  • vision care
  • comprehensive suite of benefits focusing on physical, emotional, financial, and social wellness
  • support for working families
  • backup dependent care
  • adoption assistance
  • infertility coverage
  • family building support
  • behavioral health solutions
  • Fulltime
Read More
Arrow Right
New

Senior Sales Engineer

We are looking for a Senior Sales Engineer to drive pre-sales engagement for lar...
Location
Location
India , New Delhi
Salary
Salary:
Not provided
skyhighsecurity.com Logo
Skyhigh Security
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 12+ years in cybersecurity
  • 5+ years in pre-sales or solution engineering supporting large enterprise deals
  • Proven track record engaging CISOs and senior security leadership in complex enterprise environments
  • Hands-on experience with leading cybersecurity platforms such as EDR/XDR, NDR, firewalls, cloud security, Data Security, SIEM, SOAR
  • Experience handling large, distributed enterprise environments (1,000+ endpoints preferred)
  • Industry certifications preferred: CISSP, CISM, CEH, GIAC
  • Deep understanding of endpoint security (EDR/XDR/MDR), Data Security, threat detection & response, malware behavior, network security, and advanced SOC use cases
  • Familiarity with SIEM/SOC operations, threat hunting methodologies, incident response lifecycle, and threat intelligence integration
  • Experience with next-gen firewalls, SASE concepts, cloud workload security (AWS/Azure/GCP), and SaaS security
  • Knowledge of Zero Trust principles, identity-centric security, and modern access models
Job Responsibility
Job Responsibility
  • Lead the technical strategy for Enterprise pursuits including large strategic deals and competitive evaluations
  • Conduct detailed technical discovery, needs assessment, and solution architecture workshops with CISOs, SOC leaders, security architects, and IT stakeholders
  • Design and deliver solution demos, lab scenarios, and POCs aligned to enterprise threat use cases (ransomware, insider threat, cloud compromise, etc.)
  • Act as a trusted cybersecurity advisor to Enterprise security leadership
  • Translate business risk, digital transformation, and compliance requirements into architectural security solutions
  • Align product/platform capabilities (endpoint, network, cloud, Data security) to enterprise security modernization roadmaps
  • Equip sales teams with competitive differentiation, objection handling, and technical win strategy support
  • Validate feasibility, integrations, deployment models, and configurations across hybrid and multi-cloud enterprise environments
  • Support technical evaluations, architecture reviews, and security assessments
  • Drive automation and orchestration use cases with SOC / SIEM, SOAR, AI-driven detection ecosystems
What we offer
What we offer
  • Retirement Plans
  • Medical, Dental and Vision Coverage
  • Paid Time Off
  • Paid Parental Leave
  • Support for Community Involvement
  • Fulltime
Read More
Arrow Right
New

Principal Security Engineer

The Principal Security Engineer, under the direction of the Director of Security...
Location
Location
United States , Palo Alto
Salary
Salary:
147050.00 - 220800.00 USD / Year
wsgr.com Logo
Wilson, Sonsini, Goodrich & Rosati
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree required
  • 5+ of experience in Information Security
  • One or more of the following certifications preferred: GIAC, CISSP, CISM, CEH, CIPP
  • Focus on knowledge of direct support for Security Information and Event Management (SIEM) systems (e.g. configuration of feeds, developing alarm/report concepts), Red Teaming concepts and execution, and Linux skills including command line and operational/administrative usage
  • Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls
  • Experience with windows desktop, server, and database security
  • Ability to identify security technology risks and perform incident response
  • Extensive knowledge of TCP/IP networking including wireless, network monitoring/design and routing
  • Extensive understanding of the cyber kill-chain
  • Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments
Job Responsibility
Job Responsibility
  • Provide subject matter expertise in information security as it relates to networks and systems
  • Manage the Firm’s security technology including but not limited to: anti-virus, vulnerability scanning, intrusion detection, content filtering, and insider threat systems
  • Review security events from all monitoring environments not integrated with the firm SIEM, and those events escalated by the SOC, on a daily basis, and follow defined incident response processes in their analysis and reporting
  • Monitor appropriate venues for threats to the security of the Wilson Sonsini Goodrich & Rosati environment. Provide notification to all impacted parties related to the actions needed to mitigate threats and manage the threat lifecycle in totality
  • Manage and lead evaluations of the firm’s environment by external 3rd parties. Produce recommendations that integrate any findings with the business needs of the firm
  • Maintain knowledge of the information security needs of firm clients and implement measures to satisfy those requirements in the most efficient manner
  • Keep abreast of emerging security technologies and discipline developments. Make appropriate recommendations that meet the firms needs
  • Design and build operational environments that scale to meet the needs of our security products and assure appropriate reliability
  • Support general troubleshooting related to information security tasks and provide support to end users as needed
  • Provide other teams with security consulting services, including responding to requests for additional information and assisting with specific projects
What we offer
What we offer
  • discretionary year-end merit bonus based on performance
  • highly competitive salary and benefits package
  • Fulltime
Read More
Arrow Right

Staff Security Risk and Compliance Program Manager

We are seeking a highly experienced and technically proficient Staff Risk & Comp...
Location
Location
United States
Salary
Salary:
213200.00 - 250500.00 USD / Year
confluent.io Logo
Confluent
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in security program management
  • At least 5 years dedicated to Insider Threat, Corporate Security, or Data Loss Prevention (DLP) programs
  • Deep technical understanding of security controls, network architecture, endpoint security, cloud environments (e.g., AWS, Azure, GCP), and User and Entity Behavior Analytics (UEBA) or similar advanced detection technologies
  • Experience with evaluating & implementing identity & access management tools, endpoint security platforms, data loss prevention tools
  • Familiarity with forensic analysis techniques and legal hold processes related to electronic evidence
  • Strong project management and organizational skills
  • Exceptional analytical and problem-solving skills, with a data-driven approach to decision-making
  • Experience in running long-term, complex security programs that deliver iterative improvements and risk reduction
  • Excellent written and verbal communication skills
  • The ability to influence and lead without direct authority
Job Responsibility
Job Responsibility
  • Define and drive the multi-year technical roadmap for the Insider Threat program, focusing on advanced detection methods, behavioral analytics, technical countermeasures, and integration with existing security and IT infrastructure
  • Lead the planning, execution, and delivery of complex, multi-functional technical projects within the Insider Threat domain
  • Act as the primary liaison between Trust & Security and key partners and stakeholders
  • Translate operational needs and intelligence into clear technical requirements and specifications for engineering implementation
  • Drive the selection, deployment, and optimization of technical tools and platforms such as DLP, endpoint security platform, to identify, score, and alert on anomalous or high-risk user behavior
  • Partner with Legal and HR to ensure all technical controls and monitoring capabilities are compliant with global privacy laws, company policies, and ethical guidelines
  • Establish and refine the technical incident response and mitigation processes for insider threats
  • Develop metrics and dashboards to track program effectiveness & and technical control performance
  • Develop training content, ensure employees understand the expectations of Acceptable User Policy
What we offer
What we offer
  • Remote-First Work
  • Robust Insurance Benefits
  • Flexible Time Away
  • The Best Teammates
  • Experience Ambassadors
  • Open and Honest Culture
  • Well-Being and Growth
  • Offers Equity
  • Fulltime
Read More
Arrow Right
New

Software Engineer II

We are seeking a skilled software engineer to join our team and help implement a...
Location
Location
Czech Republic , Multiple Locations
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree in Computer Science or related technical field AND technical engineering experience with coding in languages including, but not limited to, C, C++, C#, Java, JavaScript, or Python
  • OR equivalent experience.
Job Responsibility
Job Responsibility
  • AI-Native Development: Improves artificial intelligence (AI) tools and practices across the software development lifecycle (SDLC)
  • Proactively takes responsibility for the content of their AI-generated requirements, design documents, code, and other assets, assisting other members of the team to do the same
  • Incorporates Responsible AI practices into the SDLC to ensure appropriate controls over AI-generated assets
  • Applies SDLC and engineering health measures (e.g., Accelerate, SPACE framework, Engineering System Success Playbook [ESSP]) to guide improvements to processes and practices, especially those involving AI
  • Experiments with AI tools and practices to improve their own capabilities, and provides recommendations on how to adopt them to other members of the team.
  • Coding: Leads by example across teams and mentors others to produce extensible, maintainable, well-tested, secure, and performant code used across products that adheres to design specifications
  • Leads efforts to continuously improve code performance, testability, maintainability, effectiveness, and cost, while learning about and accounting for relevant trade-offs
  • Identifies best practices and coding patterns (e.g., leveraging state-of-the-art generative artificial intelligence [GenAI], approaches to source code organization, naming conventions) and provides deep expertise in the coding and validation strategy
  • Creates and applies metrics to drive code quality and stability, appropriate coding patterns, and best practices
  • Identifies and anticipates blockers or unknowns during the development process, escalates them, communicates how they will impact timelines, and then leads efforts to identify and implement strategies and/or opportunities to address them.
  • Fulltime
Read More
Arrow Right