You will design and ship high-precision detections across cloud services and enterprise SaaS, develop automation that shortens response timelines, and mature the telemetry pipelines that make it all possible. Your ability to write production-quality code is just as important as your ability to triage an alert.

Responsibilities:

• Engineer, test, and deploy detection logic across cloud and enterprise environments, treating detections as software with version control, peer review, and measurable performance.

• Build and maintain incident response automation, runbooks, and tooling that reduce containment timelines without sacrificing developer velocity.

• Mature telemetry pipelines through improved schema design, normalization, enrichment, and quality checks that reduce false positives and increase signal fidelity.

• Perform digital incident investigations to identify and contain potential security breaches.

• Conduct digital forensics and malware analysis to understand attack vectors and adversary methodologies.

• Integrate alerting with messaging and ticketing systems to enable fast, traceable response workflows.

• Partner cross-functionally with IT, security, and engineering teams to harden identity and access patterns, close logging and forensics gaps, and implement maintainable guardrails that scale with the organisation.

• Utilize threat intelligence platforms to improve hunting, detection, and response workflows.

• Clearly explain the significance and impact of incidents, providing actionable recommendations to both technical and non-technical stakeholders.

Ideal Candidate:

• 5+ years of experience in Detection Engineering, Incident Response, or Security Operations, with a strong emphasis on building and shipping security tooling and automation.

• Proficiency in at least one programming language (e.g., Python, Go) and comfort writing production-grade code , not just scripts.

• Hands-on experience designing or improving detection pipelines, SIEM content, and alerting workflows in cloud-native environments.

• Practical experience with SIEM, EDR, and SOAR tools, with a preference for candidates who have built integrations or extended these platforms programmatically.

• Strong understanding of modern cyber threats, common attack techniques, and adversary TTPs.

• Familiarity with digital forensics tools and malware analysis techniques.

• Experience with cloud-native environments (e.g., AWS, GCP, Azure) and the security telemetry those environments generate.

• Exposure to threat intelligence platforms and integrating intel into detection and investigation workflows.

• Strong communication skills, with the ability to translate complex security findings into clear business impact.

• Relevant security certifications (e.g., GCIH, GCFA, GCIA, CISSP, GDSA) are a plus.

Compensation packages at Scale for eligible roles include base salary, equity, and benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position, determined by work location and additional factors, including job-related skills, experience, interview performance, and relevant education or training. Scale employees in eligible roles are also granted equity based compensation, subject to Board of Director approval. Your recruiter can share more about the specific salary range for your preferred location during the hiring process, and confirm whether the hired role will be eligible for equity grant. You’ll also receive benefits including, but not limited to: Comprehensive health, dental and vision coverage, retirement benefits, a learning and development stipend, and generous PTO. Additionally, this role may be eligible for additional benefits such as a commuter stipend.

XML job scraping automation by YubHub

You will be responsible for securing large cloud environments, orchestrating and securing various compute clusters, and reviewing infrastructure as code. Your expertise in cloud security, infrastructure automation, and advanced security practices will be essential in maintaining and enhancing our security posture.

Key responsibilities include:

• Securing infrastructure across large cloud hosting providers (e.g., AWS, Azure, GCP).
• Implementing and maintaining robust security configurations and policies for cloud environments.
• Conducting regular security assessments and audits of infrastructure to identify vulnerabilities and areas for improvement.
• Developing and enforcing security best practices for infrastructure automation and orchestration.
• Collaborating with DeveloperExperience, IT, and product teams to integrate security into all stages of the infrastructure lifecycle.
• Reviewing and securing infrastructure as code (e.g., Terraform, CloudFormation).
• Educating and mentoring team members on infrastructure security best practices and emerging threats.

Ideally, you'd have:

• Proven experience as a Security Engineer with a focus on product security.
• Proficiency in NodeJS, TypeScript, and Kubernetes.
• Experience with orchestrating and securing GPU clusters.
• Proficiency in infrastructure as code tools such as Terraform and CloudFormation.
• Excellent communication skills, with the ability to clearly explain technical concepts and their implications to both technical and non-technical stakeholders.
• Demonstrated ability to influence security strategies and drive improvements within an organisation.
• Relevant security certifications (e.g., AWS Certified Security Specialty, Certified Cloud Security Professional) are a plus.
• Experience in a senior or lead security role is preferred.

Compensation packages at Scale for eligible roles include base salary, equity, and benefits. The range displayed on each job posting reflects the minimum and maximum target for new hire salaries for the position, determined by work location and additional factors, including job-related skills, experience, interview performance, and relevant education or training.

XML job scraping automation by YubHub

Responsibilities

• Monitor and analyse security alerts and logs to identify potential threats and anomalies
• Develop, implement, and maintain detection rules and correlation logic in our SIEM platform
• Conduct thorough investigations of security incidents, performing root cause analysis and impact assessments
• Lead incident response efforts, coordinating with relevant teams to contain and mitigate threats
• Create and maintain incident response playbooks and runbooks
• Perform regular threat hunting activities to proactively identify potential security risks
• Develop and refine metrics and reporting to track the effectiveness of detection and response capabilities
• Collaborate with other security teams to improve overall security posture and incident handling processes
• Stay current with emerging threats, attack techniques, and defensive strategies in the cloud-native and AI domains

Basic Qualifications

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 3-5 years of experience in security operations, incident response, or a similar role
• Strong understanding of cybersecurity principles, attack techniques, and defensive strategies
• Proficiency in at least one scripting language (e.g., Python, Rust) for automation and tool development
• Experience with SIEM platforms and log analysis tools
• Familiarity with cloud environments (e.g., AWS, GCP, Azure) and their security features
• Knowledge of network protocols, system administration, and common attack vectors
• Strong analytical and problem-solving skills with attention to detail
• Excellent communication skills and ability to work effectively under pressure

Preferred Skills and Experience

• Relevant security certifications (e.g., GCIH, GCIA, SANS)
• Experience with threat intelligence platforms and their integration into detection processes
• Familiarity with AI/ML security implications, particularly those outlined in the OWASP LLM Top 10
• Knowledge of software supply chain security and SBOM analysis
• Experience with containerized environments and Kubernetes security
• Experience in building custom security tools or integrations to enhance detection and response capabilities
• Interest in leveraging AI to improve threat detection and automate response processes
• Contributions to open-source security projects or threat research
• Experience with digital forensics and malware analysis

Compensation and Benefits

$200,000 - $340,000 USD

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

XML job scraping automation by YubHub

In this role, you will design, implement, and maintain secure cloud infrastructure and ensure the integrity of our cloud-native applications.

Responsibilities:

• Design and implement secure cloud architectures across multiple cloud platforms (e.g., AWS, GCP, Azure)
• Develop and maintain Infrastructure as Code (IaC) templates with embedded security controls
• Conduct regular security assessments and audits of cloud infrastructure and services
• Implement and manage cloud security tools and services (e.g., CSPM, CWPP, CASB)
• Collaborate with development teams to ensure security best practices are integrated into CI/CD pipelines
• Monitor and respond to security events and incidents in cloud environments
• Develop and maintain cloud security policies, standards, and procedures
• Stay current with emerging cloud security threats and mitigation strategies

Basic Qualifications:

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 3-5 years of experience in cloud security or related roles
• Strong understanding of cloud security principles, compliance frameworks, and best practices
• Proficiency in at least one cloud platform (AWS, GCP, or Azure) and associated security services
• Experience with Infrastructure as Code tools (e.g., Terraform, CloudFormation)
• Familiarity with containerization technologies and their security implications
• Knowledge of network security concepts and protocols
• Experience with scripting languages (e.g., Python, Bash) for automation and tool development

Preferred Skills and Experience:

• Relevant security certifications (e.g., CCSP, CSSK, AWS Security Specialty)
• Experience with multi-cloud environments and cloud-to-cloud security
• Knowledge of DevSecOps practices and tools
• Experience with Kubernetes and container security
• Experience in building custom cloud security tools or integrations
• Interest in leveraging AI for cloud security monitoring and automation
• Contributions to open-source cloud security projects
• Experience with securing AI/ML workloads in cloud environments

Compensation and Benefits:

$200,000 - $340,000 USD

Base salary is just one part of our total rewards package at xAI, which also includes equity, comprehensive medical, vision, and dental coverage, access to a 401(k) retirement plan, short & long-term disability insurance, life insurance, and various other discounts and perks.

XML job scraping automation by YubHub