Cognitive Collective

Helping you find your next career in AI. Learn more about the job board on the Scale blog.

Are you a scaling AI startup? Email to be added to our board.

Senior Security Engineer - Incident Detection & Response



Menlo Park, CA, USA
Posted on Sunday, April 7, 2024

About us

Character’s mission is to empower everyone with AGI. Our vision is to enable people with our technology so that they can use Character.AI any moment of any day.

Character.AI is one of the world’s leading personal AI platforms. Founded in 2021 by AI pioneers Noam Shazeer and Daniel De Freitas, Character.AI is a full-stack AI company with a globally scaled direct-to-consumer platform. As of 2023 that platform was #2 in the space in user engagement. Character.AI is uniquely centered around people, letting users personalize their experience by interacting with AI “Characters.” The company achieved unicorn status in 2023 and was named Google Play’s AI App of the Year.

Noam co-invented the key tech powering LLMs and was recently named to TIME100’s Most Influential People in AI list. TIME called him “one of the most important and impactful people of the space’s past, present, and future.” Daniel created and led LaMDA, the breakthrough conversational tech project currently powering Bard.

To learn more, please visit

About the Role


As a founding member of our Security Incident Detection and Response team, you will be responsible for driving the development of our security incident detection and response program. Hold sophisticated attackers at bay by envisioning, deploying, and managing the technology we rely on to detect attacks on our infrastructure, applications, and large language models. Design workflows and processes to rapidly and effectively respond to security incidents, and then automate them to support the growth and scaling of our fast-growing organization.

Job responsibilities may include:

  • Deploying and configuring SIEM and SOAR systems

  • Centralizing log ingestion pipelines and processing

  • Constructing high-signal dashboards to support critical security decision making

  • Integrating SIEM systems with alerting and escalation pipelines

  • Automating the correlation of suspicious events to potential security incidents

  • Defining, implementing, and automating incident response and security operations playbooks via SOAR platforms


Competitive candidates will have:

  • At least 5 years of experience in security incident detection and response and SecOps

  • Experience deploying and configuring SIEM systems such as Splunk, Sumo Logic, or Chronicle

  • Experience defining incident response playbooks and automating them using SOAR platforms such as XSOAR or Chronicle

  • An established history of driving incident response and security operations efforts

  • Knowledge of zero trust principles, including device posture assertion infrastructure

  • Familiarity with Linux and macOS environments, including demonstrable comfort with the Linux CLI

  • Experience working within cloud environments such as GCP or AWS

  • An ability to code at an intermediate level sufficient to build integrations between platforms and tools

  • A demonstrated ability to work autonomously to identify and resolve problems independently

Outstanding candidates will have one or more of the following:

  • Familiarity with CrowdStrike Falcon

  • Familiarity with web service or web application architecture and frameworks

  • Experience working with macOS mobile device management systems

  • Previous experience in a technology startup

Character is an equal opportunity employer and does not discriminate on the basis of race, religion, national origin, gender, sexual orientation, age, veteran status, disability or any other legally protected status. We value diversity and encourage applicants from a range of backgrounds to apply.