Security Engineer

About the Role

We are seeking a hands-on Security Engineer to support our Threat Intelligence team in scaling and optimizing a high-volume takedown program. This role is focused on execution, automation, and data-driven decision-making, not strategy alone.

You will work directly with a growing pipeline of security signals and takedown requests, helping reduce false positives, identify malicious activity, and improve the efficiency and durability of the overall workflow.

This is a fast-paced, high-impact opportunity for someone who can quickly ramp up and contribute in a short timeframe.

What You’ll Do

- Manage and triage high-volume takedown requests, distinguishing between malicious activity, legitimate partners, and false positives
- Use SQL to analyze large datasets, identify trends, and uncover patterns in adversary behavior
- Collaborate with internal teams and external vendors to coordinate and execute takedowns
- Build and enhance automation (Python, APIs, AI tools) to improve classification, routing, and processing efficiency
- Continuously improve workflows to reduce backlog and increase signal quality
- Apply practical security judgment to assess indicators and make fast, accurate decisions

Required Qualifications

- Strong SQL proficiency (non-negotiable) – ability to write queries independently and analyze data effectively
- Background in security operations (SOC, Incident Response, Threat Intelligence, or Security Engineering)
- Experience working with high-volume alerts, signals, or security data
- Familiarity with DevOps concepts, APIs, and automation workflows
- Strong problem-solving skills and ability to operate in ambiguous, fast-moving environments
- Must be located in San Diego, CA and able to work onsite 3 days/week

Preferred Qualifications

- Experience with takedown operations, adversary disruption, or vendor coordination
- Proficiency in Python scripting for automation
- Experience using AI or prompt engineering to improve workflows and efficiency
- Familiarity with cloud environments (AWS, GCP)
- Exposure to internet infrastructure, abuse patterns, or fraud detection

What Success Looks Like

- Rapid ramp-up with minimal guidance
- Reduction in takedown backlog and improved processing efficiency
- Increased accuracy in distinguishing malicious vs. benign signals
- Implementation of automation that reduces manual workload
- Meaningful contribution within a short contract window