Mixpanel - Senior Security Engineer
Upload My Resume
Drop here or click to browse · Tap to choose · PDF, DOCX, DOC, RTF, TXT
Requirements
• Security Engineering Foundations: Experience operating across the core pillars of a modern security program—including Product, Cloud, and Corporate Security. You are comfortable navigating Identity (IAM), threat modeling, and secure code reviews as part of a unified team. • Security Engineering Foundations: • Detection & Response Specialization: A deep understanding of the detection-as-code lifecycle. You have experience turning raw telemetry into precise, actionable alerting and building the infrastructure required to defend a high-scale SaaS environment. • Detection & Response Specialization: • Operational Execution: The ability to manage a high volume of daily security tasks. You are prepared to handle a diverse range of responsibilities—from triaging vulnerabilities and policy violations to investigating suspicious activity across the entire stack. • Operational Execution: • Cloud Data Proficiency: Proficiency with the Google Cloud Platform ecosystem (specifically Cloud Logging, BigQuery, and Pub/Sub) to build automated security data pipelines and maintain visibility across high-volume environments. • Cloud Data Proficiency: • Modern Automation & AI: Proficiency in Python to develop automated workflows and integrate security tools via APIs. You are comfortable leveraging AI and LLMs to build autonomous security workflows—such as automated alert enrichment, intelligent incident summarization, and AI-assisted code analysis—to drastically reduce time-to-context. • Modern Automation & AI: • Python • Threat Intelligence Maturity: Experience evaluating and embedding external intelligence—including dark web monitoring, brand protection, and adversary tactics—into a security program. You know how to identify where a specific intelligence source provides the most defensive value and how to integrate that data into automated workflows. • Threat Intelligence Maturity: • dark web monitoring, brand protection, and adversary tactics • Security Outreach & Mentorship: Experience leading "Security Champions" initiatives or a demonstrated ability to elevate the security IQ of non-security teams. You help others think critically about threat identification and telemetry—explaining the "why" behind visibility requirements when building new features or onboarding third-party vendors. • Security Outreach & Mentorship: • threat identification and telemetry • Deception & Canary Strategies: Familiarity with deploying deception techniques (e.g., honeytokens, canary credentials, or "fake" internal endpoints) to provide high-fidelity signals of unauthorized lateral movement or credential misuse. • Deception & Canary Strategies: • deception techniques • Platform & Infrastructure Experience: Prior experience with enterprise-grade security tools such as Endpoint Detection & Response (EDR), Email Security gateways, and Cloud-native Security Command Centers. • SaaS & Analytics Scale: Experience defending an environment with massive, high-volume data ingestion and complex user-access patterns similar to Mixpanel’s architecture. • SaaS & Analytics Scale: • Offensive Security Exposure: Experience with vulnerability coordination platforms, automated external scanning, or managing findings from bug bounty programs. • Offensive Security Exposure:
Responsibilities
• Domain Ownership: Serve as the domain expert for Detection & Response, integrating telemetry from across our entire ecosystem—including Product, Cloud, Corporate Infrastructure, and Identity—to build a unified, high-fidelity detection and response engine. • Domain Ownership: • Technical Project Execution: Translate high-level project requirements and technical scoping documents into actionable milestones, managing task delivery and driving cross-functional results. • Technical Project Execution: • Architect Modern Detection: Design and implement precise, actionable alerting within Google Security Operations (SIEM/SOAR), treating detections as code and ensuring they scale with our high-volume data ingestion. • Architect Modern Detection: • Combat Modern Threats: Develop specialized detection logic and playbooks to identify and mitigate application-layer abuses, customer account-targeted events (ATO), and sophisticated social engineering. • Combat Modern Threats: • Operational Lead (EMEA): Serve as the primary technical lead for security incidents during EMEA hours, driving investigations, containment efforts, and cross-functional communication. • Operational Lead (EMEA): • Build Threat Intelligence: Evolve Mixpanel’s threat intelligence program by identifying relevant adversaries and translating tactical intel into proactive SIEM/SOAR logic. • Build Threat Intelligence: • Infrastructure Management: Ensure the operational health and telemetry flow of our core security stack—including SentinelOne, GCP ****Security Command Center, and Mimecast Incydr—to maintain continuous visibility and alerting integrity. • Infrastructure Management:
Benefits
• The amount listed below is the total target cash compensation (TTCC) and includes base compensation and variable compensation in the form of either a company bonus or commissions. Variable compensation type is determined by your role and level. In addition to the cash compensation provided, this position is also eligible for equity consideration and other benefits including medical, vision, and dental insurance coverage. You can view our benefits offerings here.Our salary ranges are determined by role and level and are benchmarked to the SF Bay Area Technology data cut released by Radford, a global compensation database. The range displayed represents the minimum and maximum TTCC for new hire salaries for the position across all of our US locations. To stay on top of market conditions, we refresh our salary ranges twice a year so these ranges may change in the future. Within the range, individual pay is determined by experience, job-related skills, qualifications, and other factors. If you have questions about the specific range, your recruiter can share this information. • Comprehensive Medical, Vision, and Dental Care • Mental Wellness Benefit • Generous Vacation Policy & Additional Company Holidays • Enhanced Parental Leave • Volunteer Time Off • Additional US Benefits: Pre-Tax Benefits including 401(K), Wellness Benefit, Holiday Break • please note that benefits and perks for contract positions will vary* • Culture Values • Make Bold Bets: We choose courageous action over comfortable progress. • Make Bold Bets: • Innovate with Insight: We tackle decisions with rigor and judgment - combining data, experience and collective wisdom to drive powerful outcomes. • Innovate with Insight: • One Team: We collaborate across boundaries to achieve far greater impact than any of us could accomplish alone. • One Team: • Candor with Connection: We build meaningful relationships that enable honest feedback and direct conversations. • Candor with Connection: • Champion the Customer: We seek to deeply understand our customers’ needs, ensuring their success is our north star. • Champion the Customer: • Powerful Simplicity: We find elegant solutions to complex problems, making sophisticated things accessible. • Powerful Simplicity: • We’re a leader in analytics with over 9,000 customers and $277M raised from prominent investors: like Andreessen-Horowitz, Sequoia, YC, and, most recently, Bain Capital. Mixpanel’s pioneering event-based data analytics platform offers a powerful yet simple solution for companies to understand user behaviors and easily track overarching company success metrics. Our accomplished teams continuously facilitate our expansion by tackling the ever-evolving challenges tied to scaling, reliability, design, and service. Choosing to work at Mixpanel means you’ll be helping the world’s most innovative companies learn from their data so they can make better decisions.
No credit card. Takes 10 seconds.