Security Engineer, Detection & Response

Posted 5 Days Ago
Easy Apply
Be an Early Applicant
San Francisco, CA
Mid level
Artificial Intelligence • Information Technology • Machine Learning • Natural Language Processing • Productivity • Software • Generative AI
Good writing moves work forward.
The Role
The Corporate Security Engineer will design and develop security solutions, enhance enterprise security controls across various domains, and collaborate on creating security standards. Responsibilities include risk assessments, threat modeling, and ensuring the effectiveness of security practices.
Summary Generated by Built In

Grammarly offers a dynamic hybrid working model for this role. This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that helps foster trust, innovation, and a strong team culture.

About Grammarly

Grammarly is the world’s leading AI writing assistance company, and it is trusted by over 30 million people and 70,000 teams. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of the Fortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 14 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces.

The Opportunity

To achieve our ambitious goals, we’re looking for a Security Engineer to join our Detection and Response (DART) team.  As a key member of our organization, you will be instrumental in safeguarding our digital assets and ensuring our security posture remains robust against emerging threats. If you have a passion for cybersecurity, a keen eye for detail, and extensive experience in security operations, we want to hear from you!

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

As a DART engineer, you will 

  • Design, implement, and fine-tune advanced detection mechanisms to identify potential security threats and vulnerabilities within our environment proactively.
  • Perform forensics and spearhead response efforts during security incidents. This includes triaging security alerts, taking relevant mitigation steps, and engaging with internal stakeholders to ensure swift resolution.
  • Continuously tune our alerting rules to reduce false positives and enhance our signal-to-noise ratio, ensuring our detection systems are both effective and efficient.
  • Participate in our team’s on-call rotation, providing expert guidance and rapid response to security incidents as they arise.
  • Assist with the definition, creation, and maintenance of SIEM (Security Information and Event Management) detection rules and dashboards to provide clear, actionable insights.
  • Streamline our security operations by authoring comprehensive runbooks, writing automation scripts, and building SOAR (Security Orchestration, Automation, and Response) capabilities to reduce manual intervention and improve response times.
  • Improve our overall Incident Response process and ensure our readiness against adversaries.
  • Actively work to burn down the detection backlog, enhancing our detection coverage and accuracy across all monitored systems and applications.
  • Develop advanced detection strategies and tactics.
  • Collaborate on project and roadmap planning.

Qualifications

  • Has a minimum of 10 years in cybersecurity, with a focus on detection and response.
  • Is proficient in SIEM platforms and scripting languages (Python) and has familiarity with SOAR tools.
  • Has hands-on experience combating adversaries of varying sophistication (script kiddies to APT).
  • Has a foundational understanding of Corporate Security, including Mac endpoint security and Crowdstrike EDR.
  • Has professional experience with a commercial SIEM (Sumologic preferred).
  • L1, L2 SOC experience or "SOC-less" model (MDR, etc.).
  • Can define detection strategies and multi-quarter roadmaps.
  • Has strong expertise in incident handling and forensic investigation, with a proven track record of managing complex security incidents.
  • Has excellent analytical and problem-solving skills, with the ability to think critically under pressure.
  • Demonstrates strong verbal and written communication skills, capable of interacting with technical and non-technical stakeholders alike.
  • Has relevant industry certifications such as CISSP, GCIA, GCIH, or equivalent.
  • Has excellent problem-solving skills, with the ability to work independently and handle multiple tasks.
  • Has strong communication skills and can explain complex security issues in understandable terms.
  • Nurtures the talent in the team and raises the technical talent bar when recruiting for their team.

Compensation and Benefits

  • Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 
  • Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
  • Disability and life insurance options
  • 401(k) and RRSP matching 
  • Paid parental leave
  • 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and flexible sick time 
  • Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)
  • Annual professional development budget and opportunities

United States: 

Zone 1: $270,000 – $320,000/year (USD)

We encourage you to apply.

At Grammarly, we value our differences, and we encourage all to apply—especially those whose identities are traditionally underrepresented in tech organizations. We do not discriminate on the basis of race, religion, color, gender expression or identity, sexual orientation, ancestry, national origin, citizenship, age, marital status, veteran status, disability status, political belief, or any other characteristic protected by law. Grammarly is an equal opportunity employer and a participant in the US federal E-Verify program (US). We also abide by the Employment Equity Act (Canada).

#LI-AD3

#LI-Hybrid

 

What the Team is Saying

Celeste
Maryna
Brad
Shanik
The Company
HQ: San Francisco, CA
900 Employees
Hybrid Workplace
Year Founded: 2009

What We Do

Grammarly is the world’s leading AI writing assistance company trusted by over 30 million people and 70,000 professional teams every day. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of the Fortune 500 get their point across—and get results—without compromising security or privacy. We believe that great writing gets work done.

Grammarly’s product offerings—Grammarly Business, Grammarly Premium, Grammarly Free, and Grammarly for Education—work where you do, delivering contextually relevant writing support across over 500,000 apps and websites.

Founded in 2009, Grammarly is No. 7 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces. Grammarly offers a dynamic hybrid working model. This approach helps foster trust, innovation, and a strong team culture, with the flexibility of working from home, whenever you need focus time.

Why Work With Us

Grammarly’s values-driven team is growing to support our expanding user base and continue developing our writing assistance into a truly comprehensive communication partner. Our working model balances remote work with in-person collaboration at Grammarly’s hubs in San Francisco, Kyiv, New York, and Vancouver.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Grammarly Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Flexible
HQSan Francisco, CA
Berlin, DE
Kiev, UA
Krakow
New York, NY
Seattle
Vancouver, BC
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account