Security engineer, detection and response

About this role WRITER is seeking a Detection and Response Engineer to defend our AI/AGI platforms, training data, and deployed models against sophisticated and evolving threats. At WRITER, protecting the integrity of our AI systems is as critical as advancing their capabilities. This role blends hands-on security engineering with strategic threat detection, ensuring our defenses evolve faster than the adversaries targeting our infrastructure. You’ll design advanced detections, automate rapid responses, and lead investigations into incidents affecting our AI stack—covering everything from GPU clusters to model inference endpoints. You’ll be the operational heartbeat of our AI security posture, partnering across security, infrastructure, and research teams to detect attacks, orchestrate containment, and safeguard our most valuable intellectual property. If you thrive on staying ahead of attackers and can turn cutting-edge AI threat intelligence into production-grade detection systems, we’d love to hear from you. Role Boundaries & Collaboration What You Own (Responsible) • Incident response coordination • Real-time threat monitoring and detection • Production AI monitoring (not research) • Forensic investigation • Detection engineering across all security domains • AI threat detection implementation What You Don't Own (Others Lead) • AI security research (AI Security owns) • Preventive security controls (respective domain teams own) • Customer-facing security features (Software Security Engineering owns) • Infrastructure hardening (Cloud/Infrastructure owns) Key Partnerships • With AI Security: They provide threat research and models; you implement production monitoring • With All Security Teams: You detect attacks across all domains; they build preventive controls • With Cloud/Infrastructure: They build infrastructure; you monitor it for threats • With Software Security Engineering: You detect customer-impacting incidents; they build protections ‍♀️ Your responsibilities • Engineer advanced threat detection — Design and implement detections for AI/ML-specific threats including prompt injection, model extraction, data poisoning, and adversarial inputs. • Automate security responses — Build playbooks and orchestration workflows that contain AI-targeted attacks in minutes, not hours. • Lead AI incident response — Coordinate cross-team investigations into compromises of models, training data, and inference endpoints. • Hunt for AI-specific threats — Proactively search for active attacks across GPU clusters, training pipelines, and model deployments. • Enhance visibility & telemetry — Onboard, optimize, and analyze logging from AI infrastructure to detect anomalies and misuse. • Collaborate across domains — Partner with AI Security on threat intelligence, Cloud/Infrastructure on runtime monitoring, and Software Security Engineering on customer-impacting incidents. ⭐️ Is this you? Required Experience • 8+ years in security operations, detection engineering, or incident response. • 3+ years securing AI/ML infrastructure or high-performance computing environments. • Proven ability to detect and stop sophisticated attacks. • Experience with distributed systems, GPU cluster security, and cloud-native monitoring. • Proficiency with SIEM platforms and detection technologies. • Strong programming skills in Python, KQL, SPL, or similar. Technical Expertise • Deep understanding of AI/ML attack vectors such as adversarial examples, model inversion, and membership inference. • Experience securing training pipelines, model deployments, and sensitive research environments. • Knowledge of GPU computing security challenges. • Hands-on forensics experience in distributed or cloud-based systems. Execution & Impact • Demonstrated success in building detections for novel, AI-specific attack techniques. • History of safeguarding high-value intellectual property. • Proven record of automating incident response at scale. • Track record of uncovering critical security gaps through proactive threat hunting. Preferred Qualifications • Background in AI/ML engineering or research. • Experience with AI safety and AI/ML security research. • Familiarity with APT tactics targeting AI companies. • Contributions to the AI security research community. • Experience with confidential computing or secure enclaves. Benefits & perks (US Full-time employees) • Generous PTO, plus company holidays • Medical, dental, and vision coverage for you and your family • Paid parental leave for all parents (12 weeks) • Fertility and family planning support • Early-detection cancer testing through Galleri • Flexible spending account and dependent FSA options • Health savings account for eligible plans with company contribution • Annual work-life stipends for: • Home office setup, cell phone, internet • Wellness stipend for gym, massage/chiropractor, personal training, etc. • Learning and development stipend • Company-wide off-sites and team off-sites • Competitive compensation, company stock options and 401k WRITER is an equal-opportunity employer and is committed to diversity. We don't make hiring or employment decisions based on race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law. Under the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. By submitting your application on the application page, you acknowledge and agree to WRITER's Global Candidate Privacy Notice. Apply tot his job