Detection and Response Engineer - Defend the Future of AI
At WRITER, we're not just building AI; we're safeguarding its future. As a Detection and Response Engineer, you'll be on the front lines, defending our cutting-edge AI/AGI platforms, massive training datasets, and deployed models against sophisticated and constantly evolving threats.
Imagine yourself as the guardian of our AI fortress, designing advanced detections, automating rapid responses, and leading investigations into incidents that target our entire AI stack – from powerful GPU clusters to critical model inference endpoints. This isn't just a job; it's a mission to ensure our defenses evolve faster than the adversaries targeting our infrastructure. Be the operational heartbeat of our AI security posture, partnering across security, infrastructure, and research teams to detect attacks, orchestrate containment, and protect our most valuable intellectual property.
If you're passionate about staying one step ahead of attackers and transforming cutting-edge AI threat intelligence into production-grade detection systems, we want you on our team.
Your Mission: Safeguarding AI
Incident Response Coordination: Lead and manage incident response efforts, minimizing the impact of security breaches.
Real-time Threat Monitoring and Detection: Develop and implement real-time threat monitoring solutions to identify and respond to suspicious activity.
Production AI Monitoring: Focus on monitoring our production AI environment, ensuring its security and stability (this role is separate from AI security research).
Forensic Investigation: Conduct thorough forensic investigations to understand the root cause of security incidents and prevent future occurrences.
Detection Engineering Across All Security Domains: Design and implement detection strategies across all security domains, adapting to the ever-changing threat landscape.
AI Threat Detection Implementation: Implement AI-specific threat detections to counter emerging threats targeting our AI systems.
What You Won't Own (Others Lead):
AI security research (AI Security owns)
Preventive security controls (respective domain teams own)
Customer-facing security features (Software Security Engineering owns)
Infrastructure hardening (Cloud/Infrastructure owns)
Key Partnerships: Collaborative Defense
With AI Security: They provide cutting edge threat research and models; you implement production monitoring and real-world detections.
With All Security Teams: You detect attacks across all domains, providing critical insights; they build the preventative controls to bolster our defenses.
With Cloud/Infrastructure: They build and maintain the infrastructure; you monitor it relentlessly for threats, ensuring its security.
With Software Security Engineering: You detect customer-impacting incidents; they build the protections that shield our users.
Responsibilities: Your Impact
Engineer Advanced Threat Detection: Design and implement detections for AI/ML-specific threats, including prompt injection, model extraction, data poisoning, and adversarial inputs.
Automate Security Responses: Build playbooks and orchestration workflows that contain AI-targeted attacks in minutes, not hours, ensuring rapid and effective incident response.
Lead AI Incident Response: Coordinate cross-team investigations into compromises of models, training data, and inference endpoints, ensuring a swift and thorough resolution.
Hunt for AI-Specific Threats: Proactively search for active attacks across GPU clusters, training pipelines, and model deployments, uncovering hidden vulnerabilities.
Enhance Visibility & Telemetry: Onboard, optimize, and analyze logging from AI infrastructure to detect anomalies and misuse, providing crucial insights for threat detection.
Collaborate Across Domains: Partner with AI Security on threat intelligence, Cloud/Infrastructure on runtime monitoring, and Software Security Engineering on customer-impacting incidents, fostering a collaborative security culture.
Are You the Right Defender?
Required Experience
8+ years in security operations, detection engineering, or incident response.
3+ years securing AI/ML infrastructure or high-performance computing environments.
Proven ability to detect and stop sophisticated attacks.
Experience with distributed systems, GPU cluster security, and cloud-native monitoring.
Proficiency with SIEM platforms and detection technologies.
Strong programming skills in Python, KQL, SPL, or similar.
Technical Expertise
Deep understanding of AI/ML attack vectors such as adversarial examples, model inversion, and membership inference.
Experience securing training pipelines, model deployments, and sensitive research environments.
Knowledge of GPU computing security challenges.
Hands-on forensics experience in distributed or cloud-based systems.
Execution & Impact
Demonstrated success in building detections for novel, AI-specific attack techniques.
History of safeguarding high-value intellectual property.
Proven record of automating incident response at scale.
Track record of uncovering critical security gaps through proactive threat hunting.
Preferred Qualifications
Background in AI/ML engineering or research.
Experience with AI safety and AI/ML security research.
Familiarity with APT tactics targeting AI companies.
Contributions to the AI security research community.
Experience with confidential computing or secure enclaves.
Benefits & Perks (US Full-time employees)
Generous PTO, plus company holidays
Medical, dental, and vision coverage for you and your family
Paid parental leave for all parents (12 weeks)
Fertility and family planning support
Early-detection cancer testing through Galleri
Flexible spending account and dependent FSA options
Health savings account for eligible plans with company contribution
Annual work-life stipends for:
Home office setup, cell phone, internet
Wellness stipend for gym, massage/chiropractor, personal training, etc.
Learning and development stipend
Company-wide off-sites and team off-sites
Competitive compensation, company stock options and 401k
WRITER is an equal-opportunity employer and is committed to diversity. We don't make hiring or employment decisions based on race, color, religion, creed, gender, national origin, age, disability, veteran status, marital status, pregnancy, sex, gender expression or identity, sexual orientation, citizenship, or any other basis protected by applicable local, state or federal law. Under the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
By submitting your application on the application page, you acknowledge and agree to WRITER's Global Candidate Privacy Notice.