Detection & CorpSec Engineer (Remote)
About Quora
Quora’s mission is to grow the world's collective intelligence. It has two platforms: Quora, a global knowledge sharing platform with over 300M monthly unique visitors, and Poe, a platform providing millions of global users with one place to chat, explore, and build with a wide variety of AI language models.
About The Team And Role
The Security team is responsible for protecting the company's most critical assets from both external threats and insider risks. They are a small, high-ownership team with a pragmatic, builder-oriented approach: they build where commercial solutions don't fit, leverage AI to work efficiently at scale, and move fast to stay ahead of real-world threats.
Responsibilities
- Build and maintain a SIEM to collect and analyze logs from across corporate and production systems; write and deploy detections and alerts to identify malicious behavior
- Design and deploy canary tokens and early warning mechanisms to detect threats before they reach critical assets
- Investigate security incidents end-to-end — including malware analysis, exfiltration assessment, and timeline reconstruction — and build runbooks to scale response capabilities
- Partner with IT to define and enforce security standards across the employee device fleet, including endpoint protection, managed device requirements, OS compliance, and VPN access controls
- Drive the PoC and implementation of Zero-Trust VPN and other corporate security infrastructure
- Provide security guidance and advisory support to non-engineering functions across the organization
Minimum Requirements
- Availability for meetings and impromptu communication during Quora's “coordination hours" (Mon-Fri: 9am-3pm Pacific Time)
- 5+ years of experience in security engineering, detection engineering, or a closely related field
- Hands-on experience building or maintaining SIEM infrastructure and writing detection rules
- Strong Python engineering skills with a track record of writing production code reviewed and shipped alongside software engineering teams
- Experience conducting security incident investigations, including malware analysis, log review, and timeline reconstruction and threat modeling
- Experience with corporate security controls, identity management, endpoint protection, and access control enforcement
Preferred Requirements
- Experience with SIEM/SOAR options such as Elastic/Splunk or alternatives
- Familiarity with identity platforms such as Okta
- Strong understanding of authentication technology such as OAuth, Yubikey and Passkey
- Experience with Zero-Trust network architecture or VPN implementation
- Demonstrated use of AI coding tools to build or automate security workflows
- Experience in a small security team or fast-paced startup environment
- Familiarity with AWS and cloud-native security tooling
Benefits
- Medical/dental/vision coverage
- Equity refreshers
- Remote work reimbursement
- Paid time off
- Employee assistance programs
Additional Information: We are accepting applications on an ongoing basis. Quora offers a wide range of benefits including medical/dental/vision coverage, equity refreshers, remote work reimbursement, paid time off, employee assistance programs, and more. Benefits are country-specific and may vary. There are many factors that will determine the starting pay, including but not limited to experience, location, education, and business needs. US candidates only: For US based applicants, the salary range is $172,279 - $249,640 USD + equity + benefits. Canada candidates only: For Toronto and Vancouver based applicants, the salary range is $220,272 - $255,347 CAD + equity + benefits. For all other locations in Canada, the salary range is $205,587 - $238,324 CAD + equity + benefits. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. AI technology may assist in sorting applications and recording interview notes, but all decisions are made by a member of our team. To ensure a secure hiring process, all final candidates will undergo identity verification and a comprehensive background check prior to onboarding.