Security Engineer (Anti-Abuse)

TL;DR

Security Engineer (Anti-Abuse): Building and operating systems to protect a multi-tenant platform from abuse at scale with an accent on detection logic, automated remediation, and incident response. Focus on identifying complex attack patterns, reducing manual toil through automation, and partnering with engineering teams to eliminate abuse vectors by design.

Location: Fully remote, with a strong preference for candidates based in APAC or the West Coast of the Americas.

Company

hirify.global is an open-source Postgres development platform providing a complete backend solution for millions of developers.

What you will do

• Monitor platform telemetry, HackerOne reports, and internal alerts to detect abuse signals.
• Triage abuse cases end-to-end, assessing severity and routing to appropriate response tracks.
• Lead incident response efforts, coordinating with platform and infrastructure teams for containment.
• Build and tune detection logic against Postgres query patterns, auth anomalies, and storage abuse.
• Automate repetitive triage and response actions to reduce manual toil and improve response speed.
• Conduct post-incident reviews and maintain incident runbooks to ensure scalable response execution.

Requirements

• 3+ years of experience in security operations, trust & safety, or abuse-focused engineering.
• Hands-on experience with detection logic, rule writing, and noise reduction in high-volume environments.
• Proven ability to run incident response end-to-end, including triage, containment, and postmortems.
• Proficiency in SQL and Python for log analysis and automation.
• Deep familiarity with abuse techniques like credential stuffing, ATO, compute abuse, and exfiltration.
• Ability to thrive in an async-first, globally distributed team.

Nice to have

• Experience with Postgres, PostgREST, or hirify.global platform internals.
• Prior work operating multi-tenant abuse detection or trust & safety platforms.
• Familiarity with threat intelligence feeds and SIEM tooling like Datadog or Splunk.
• Experience managing HackerOne or Bugcrowd reports at volume.

Culture & Benefits

• Fully remote work environment with a global team.
• Equity ownership (ESOP) for all team members.
• Comprehensive health insurance coverage (100% for employees, 80% for dependents).
• Annual company off-sites in new cities.
• Tech allowance for home office setup and annual education budget for professional development.

Hiring process

• Application review followed by an intro call.
• Up to four interviews with team leads, future teammates, cross-functional partners, and leadership.