About The Position

At Scribd Inc. (pronounced “scribbed”), our mission is to spark human curiosity. Join our team as we create a world of stories and knowledge, democratize the exchange of ideas and information, and empower collective expertise through our four products: Everand, Scribd, Slideshare, and Fable. This posting reflects an approved, open position within the organization.

We support a culture where our employees can be real and be bold; where we debate and commit as we embrace plot twists; and where every employee is empowered to take action as we prioritize the customer.

When it comes to workplace structure, we believe in balancing individual flexibility and community connections. It’s through our flexible work benefit, Scribd Flex, that employees – in partnership with their manager – can choose the daily work-style that best suits their individual needs. A key tenet of Scribd Flex is our prioritization of intentional in-person moments to build collaboration, culture, and connection. For this reason, occasional in-person attendance is required for all Scribd Inc. employees, regardless of their location.

So what are we looking for in new team members? Well, we hire for “GRIT”. The textbook definition of GRIT is demonstrating the intersection of passion and perseverance towards long term goals. At Scribd Inc., we are inspired by the potential that this can unlock, and ask each of our employees to pursue a GRIT-ty approach to their work. In a tactical sense, GRIT is also a handy acronym that outlines the standards we hold ourselves and each other to. Here’s what that means for you: we’re looking for someone who showcases the ability to set and achieve Goals, achieve Results within their job responsibilities, contribute Innovative ideas and solutions, and positively influence the broader Team through collaboration and attitude.

About the team and role

The Infrastructure Security team at Scribd is responsible for protecting our applications, platforms, and users through proactive, engineering-led security practices. As Scribd continues to scale, we are evolving our Detection & Response capabilities from reactive alerting toward a time-based security model - where speed, signal quality, and resilience are first-class design goals.

As a Senior Security Engineer focused on Detection & Response, you will help shape Scribd’s long-term detection and response capabilities while owning execution within a defined domain. You’ll work closely with application, infrastructure, and IT security teams - as well as our managed detection and response (MDR) partner - to design high-fidelity telemetry, operationalize our SIEM, and continuously reduce mean time to detect and respond (MTTD/MTTR). This role is ideal for someone who enjoys building durable security systems, translating incidents into engineering improvements, and gradually expanding ownership through demonstrated impact.

Requirements

  • 4+ years of experience in security engineering, detection engineering, incident response, or an equivalent blend of software and security engineering
  • Hands-on experience designing or operating detection and response systems (not just responding to alerts)
  • Strong understanding of logging, telemetry, and signal design in modern cloud and application environments
  • Experience with SIEM technologies such as Splunk, Elasticsearch, Datadog, Chronicle, or similar platforms
  • Experience partnering with or operating alongside an MDR or SOC provider
  • Familiarity with threat detection and response frameworks (e.g., MITRE ATT&CK, Time-Based Security, NIST CSF)
  • Ability to write quality code or tooling in at least one backend language (preferably Python, Ruby, or Go)
  • Strong collaboration and communication skills, with the ability to influence engineers without formal authority

Nice To Haves

  • Experience with bot detection, abuse prevention, or DDoS mitigation
  • Experience instrumenting or protecting GraphQL APIs
  • Cloud security experience (AWS preferred)
  • Infrastructure-as-Code experience (Terraform, CloudFormation)
  • Experience building automation for alerting, triage, or response workflows
  • Exposure to purple-team or adversary simulation exercises

Responsibilities

  • Design and operationalize detection capabilities
      • Own and evolve detection coverage across applications, APIs, cloud infrastructure, identity, and bot/abuse surfaces
      • Translate threat models and real incidents into high-confidence detection patterns
      • Partner with engineers to instrument high-quality, security-relevant telemetry at the application and platform layers
  • Operationalize and mature the SIEM
      • Lead enrichment, normalization, and correlation of logs into actionable security signals
      • Define detection standards and patterns to reduce noise and improve signal quality
      • Ensure telemetry supports both internal investigations and MDR-led monitoring
  • Improve response speed and quality
      • Reduce MTTD and MTTR through improved triage, automation, and contextual alerting
      • Build and maintain runbooks, response workflows, and post-incident learning loops
      • Partner with IT Security and the MDR provider to continuously improve detection and response outcomes
  • Advance runtime and behavior-based protections
      • Help design and deploy runtime detection and protection techniques (RASP-like approaches), especially for modern interfaces such as GraphQL
      • Support bot detection, abuse prevention, and DDoS mitigation in collaboration with application and platform teams
      • Leverage deception techniques (e.g., honeypots, canaries) to detect and learn from adversary behavior
  • Define and track meaningful metrics
      • Implement and track detection and response KPIs (e.g., coverage, signal quality, MTTD/MTTR)
      • Use metrics to guide prioritization and measure improvement over time
      • Align measurements with frameworks such as Time-Based Security and NIST CSF
  • Validate and improve continuously
      • Participate in purple-team exercises, tabletop simulations, and incident retrospectives
      • Ensure detection, response, and protection capabilities work cohesively within targeted timeframes

Benefits

  • Healthcare Insurance Coverage (Medical/Dental/Vision): 100% paid for employees
  • 12 weeks paid parental leave
  • Short-term/long-term disability plans
  • 401k/RSP matching
  • Onboarding stipend for home office peripherals + accessories
  • Learning & Development allowance
  • Learning & Development programs
  • Quarterly stipend for Wellness, WiFi, etc.
  • Mental Health support & resources
  • Free subscription to the Scribd Inc. suite of products
  • Referral Bonuses
  • Book Benefit
  • Sabbaticals
  • Company-wide events
  • Team engagement budgets
  • Vacation & Personal Days
  • Paid Holidays (+ winter break)
  • Flexible Sick Time
  • Volunteer Day
  • Company-wide Employee Resource Groups and programs that foster an inclusive and diverse workplace.
  • Access to AI Tools: We provide free access to best-in-class AI tools, empowering you to boost productivity, streamline workflows, and accelerate bold innovation.