Security Engineer, Detection & Response at Liftoff

Liftoff is a leading AI-powered performance marketing platform for the mobile app economy. Our end-to-end technology stack helps app marketers acquire and retain high-value users, while enabling publishers to maximize revenue across programmatic and direct demand. Liftoff’s solutions, including Accelerate, Direct, Monetize, Intelligence, and Vungle Exchange, support over 6,600 mobile businesses across 74 countries in sectors such as gaming, social, finance, ecommerce, and entertainment. Founded in 2012 and headquartered in Redwood City, CA, Liftoff has a diverse, global presence. Liftoff is a leading AI-powered performance marketing platform for the mobile app economy. Our end-to-end technology stack helps app marketers acquire and retain high-value users, while enabling publishers to maximize revenue across programmatic and direct demand. Liftoff's solutions, including Accelerate, Direct, Monetize, Intelligence, and Vungle Exchange, support over 6,600 mobile businesses across 74 countries in sectors such as gaming, social, finance, ecommerce, and entertainment. Founded in 2012 and headquartered in Redwood City, CA, Liftoff has a diverse, global presence. The Liftoff Security team protects Liftoff's customers, users, and employees. We architect Liftoff's security posture, build the tools and systems that defend it, and partner with engineering teams as they ship new products and features. Our work spans the entire stack — infrastructure, web, mobile, and IT — and we approach security from a software engineering standpoint, scaling our impact through automation and well-designed tools. Now is the time to join! Here's why: • Build out our detection and response function. Liftoff has a mature security information and event management platform (SIEM), established detection content, and a working incident response program. Your charter is to take it to the next level — including leading our investment in AI-augmented SOC tooling. • High visibility, high impact. Detection and response is a critical capability for Liftoff. • Security-conscious engineering culture. Liftoff's engineering org is a willing and capable partner on security work. • Hands-on technical work. Stay deep in code, detections, and incidents. • Breadth of work. Detection and response is the primary focus, but you'll partner across the security team on cloud, infrastructure, and application security where the work demands it. • Large-scale, interesting systems. Liftoff processes millions of requests per second across its demand-side platform (DSP), mobile software development kit (SDK), and ad exchange. Responsibilities: • Own day-to-day operation of Liftoff's SIEM (Panther) — log source ingestion, detection content, and the alert investigation pipeline. • Lead Liftoff's adoption of AI-augmented SOC tooling (e.g. Prophet, Dropzone, or equivalent) as a multi-year modernization investment. • Triage incoming security alerts and drive timely investigation and remediation with stakeholders across Engineering and IT. • Lead incident response — investigation, containment, and post-incident review — and mature processes and runbooks so response becomes predictable and repeatable. • Build tooling and automation that detects active threats, enriches alerts, and reduces manual investigation toil. • Partner with Engineering and IT to make detection and response self-service where possible — clear log-onboarding paths, documented detection proposals, accessible runbooks — so security scales without becoming a bottleneck. • Close the feedback loop between the team's offensive and proactive findings and detection coverage. • Partner across the security team on cloud, infrastructure, and application security work alongside your detection and response focus — every engineer on this team covers breadth beyond their primary focus. • Participate in the Security team's on-call rotation and incident response. Minimum Qualifications: • 5+ years in security engineering, security operations, detection engineering, or software engineering with a security focus. • Hands-on production SIEM operation — onboarding log sources, writing and maintaining detection content, and triaging alerts. • Write production-quality code for security automation and detection-as-code. • Experience leading or substantially contributing to security incident response. • Strong technical writing — design docs, runbooks, and post-incident reviews. • Demonstrated judgment in prioritizing security work using a risk-based approach. • Ability to quickly navigate large, unfamiliar codebases and reason about complex engineering systems. • Excellent verbal communication. • Willing to participate in an on-call rotation. Desirable Qualifications: • Hands-on experience with an AI-augmented SOC platform (Prophet Security, Dropzone AI, or equivalent), or with building large language model (LLM) augmented investigation and runbook tooling. • Experience operating in cloud environments at scale. • Cloud incident response experience, particularly in AWS. • Endpoint forensics for incident response on Mac and/or Linux. • Detection-as-code workflows in continuous integration and deployment (CI/CD) pipelines. • Mobile adtech or high-volume SaaS background. Compensation: The following are our base salary ranges for this role: • SF Bay Area, NYC, Los Angeles/Orange County: $200,000 - $240,000 • Seattle/Olympia, Austin, San Diego, Santa Barbara, Boston: $184,000 - $220,000 • All other cities and towns in our approved states: $172,000 - $206,000 plus bonus Location: This role is eligible for full-time remote work in one of our entities: CA, CO, ID, IL, FL, GA, MA, MI, MN, MO, NJ, NV, NY, OR, TX, UT, and WA. We are a remote-first company with US hubs in Redwood City, Los Angeles, and New York City. Travel Expectations: We offer several opportunities for in-person team gatherings, including but not limited to project meetings, regional meetups, and company-wide events. We expect our employees to attend these gatherings at least once per quarter. These gatherings provide essential opportunities for collaboration, communication, and team building. #LI-REMOTE #LI-EL1 Liftoff offers a fast-paced, collaborative, and innovative work environment where employees are empowered to grow and make an impact. We’re shaping the future of the mobile app ecosystem—join us and help accelerate what’s next. Liftoff’s compensation strategy includes competitive salaries, equity, and benefits designed to support employee well-being and performance. We benchmark compensation based on role, level, and location to ensure fairness and market alignment. Benefits may include medical coverage, wellness stipends, and additional perks based on your country of residence. Liftoff is an equal opportunity employer. We are committed to creating an inclusive environment for all employees and applicants regardless of race, ethnicity, national origin, age, marital status, disability, sexual orientation, gender identity, religion, veteran status, or any other characteristic protected by applicable law. Agency and Third Party Recruiter Notice: Liftoff does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies in response to job postings. No fee will be paid to third parties who submit unsolicited candidates directly to our hiring managers or Recruiting Team. All candidates must be submitted via our Applicant Tracking System by approved Liftoff vendors who have been expressly requested to make a submission by our Recruiting Team for a specific job opening. No placement fees will be paid to any firm unless such a request has been made by the Liftoff Recruiting Team and such a candidate was submitted to the Liftoff Recruiting Team via our Applicant Tracking System.