Staff Security Engineer, Detection & Response

San Francisco, CA


Build better products by turning your user data into meaningful insights, using Amplitude's digital analytics platform.

View company page

Amplitude is a leading digital analytics platform. More than 1,800 customers, including Atlassian, Chick-fil-A, Marks & Spencer, NBCUniversal, PayPal, Shopify, and Under Armour rely on Amplitude to gain self-service visibility into the entire customer journey.  With Amplitude, teams can understand what product features are working, where users are getting stuck, and what actions lead to the right outcomes. As an organization, we approach challenges with humility, take ownership of our contributions, and embrace a growth mindset that pushes us to constantly improve ourselves, each other, and the value we bring to customers and partners.

Amplitude’s Commitment to Diversity Equity & Inclusion (DEI): Amplitude believes that diversity enables creation of better products, ability to solve complex problems, and drive more powerful solutions. In order to make diversity possible, we commit to striving to create an environment of inclusion: an environment focused on psychological safety, empathy, and human connection, which will allow employees of all backgrounds to feel the care they need to thrive.

About The Role & Team


As the Staff Security Engineer, Detection & Response Lead you will develop and maintain standard procedures and protocols to ensure Detection & Response meets operational requirements at Amplitude. You’ll build programs including Threat Detection & Engineering, Security Incident Response, Security Operations, Threat Intelligence, and Forensics. You are a subject matter expert in incident response process, cyber forensics, and industry best practices. You’ll have overall accountability for a timely and appropriate response to security threats and incidents.


As a Staff Security Engineer, D&R, you will: 


  • Partner with Engineering (infrastructure, data, appdev) to establish comprehensive visibility into potential risk events across a cloud-native environment
  • Construct an agile, threat intelligence-driven continuous improvement process that leverages purple-team techniques and hypothesis-based threat hunting
  • Create and refine telemetry, detection capabilities, and response playbooks required to detect, prevent, and respond to cyber risk events efficiently
  • Manage risks by implementing robust security capabilities for repeatable predictable outcomes and maturation, and by coordinating incident response workflows
  • Influence Engineering and Product teams to prioritize and implement all stages of the Vulnerability Management life-cycle - detection, analysis, remediation and disclosure


You'll be a great addition to the team if you have:


  • 10+ years of progressively responsible work experience in security engineering, threat management, and incident response
  • Strong working knowledge of and working experience with security frameworks (MITRE, kill chain, Diamond), TTPs, and program frameworks (NIST, ISO)
  • Deep understanding of best practices in and strong technical knowledge of distributed systems and cloud technology AND application security OR infrastructure security
  • Extensive and direct experience in high-pressure situations managing and responding to complex technical cyber security incidents
  • Ability to assess cost/benefit trade-offs of security initiatives in the context of overall business risk mitigation, and Amplitude’s operational objectives


Who We Are


The Company: Amplitude is filled with humble, life-long learners who are eager to help one another and the company succeed. Our values of growth mindset, ownership, and humility are core to the way we work: we’re tenacious in the face of challenges, we take the initiative to solve problems that drive our shared success, and we operate from a place of empathy and openness, seeking to understand many points of view. 

We care about the well-being of our team: along with excellent health insurance, we offer flexible time off, a monthly wellness stipend, a generous parental leave, a subscription to Modern Health, and a generous Learning & Development stipend.

The Product: Amplitude is a digital analytics platform – we help companies understand their users, rapidly release better product experiences, and ultimately grow their business. We’re super proud of what we’ve built and continue to expand: a platform that empowers companies to thrive in the digital era.

Other fun facts about Amplitude: 

  • G2: #1 product analytics solution and #3 best software product 
  • Business Insider: A top tech company to bet your career on
  • Fast Company: #3 most innovative enterprise company in the world
  • Amplitude went public via a direct listing in September 2021 and is now trading under the ticker AMPL. 
  • Founded in 2012, Amplitude is backed by Benchmark Capital, Sequoia Capital, IVP, Battery Ventures, Y Combinator and other top tier investors.
  • We’re a global and fast-growing team! We have offices in San Francisco (HQ), New York, Vancouver, Amsterdam, London, Paris, Singapore, and employees around the world.
  • Our mascot is the datamonster, who loves to chow down on numbers, charts, and graphs. Nom nom.

Amplitude provides equal employment opportunities (EEO). All applicants are considered without regards to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, or sexual orientation.

* Salary range is an estimate based on our salary survey 💰

Tags: Agile Analytics Application security Cloud Forensics Incident response NIST Threat detection Threat intelligence TTPs Vulnerability management

Perks/benefits: Career development Flex hours Flex vacation Gear Health care Insurance Parental leave Startup environment Team events Wellness

Region: North America
Country: United States
Job stats:  3  1  0

More jobs like this

Explore more InfoSec/Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.