Logo for Writer

Security engineer, detection and response (UK)

Role overview

Qualifications

  • 3-5+ years in security operations, detection engineering, or incident response, with 3+ years securing AI/ML infrastructure or distributed systems at scale
  • Strong programming skills in Python, KQL, SPL, or similar languages to build custom detections and automate response workflows
  • Experience with SIEM platforms, detection technologies, and forensic investigation techniques; ability to develop detections for novel attack techniques and conduct forensics in distributed environments
  • Self-directed, proactive security mindset with a track record of securing high-value IP, automating incident response, and collaborating across security, infrastructure, and AI research teams

Responsibilities

  • Design and implement detection strategies for AI-specific threats (prompt injection, model extraction, data poisoning, adversarial examples, and unauthorized access to training data or model weights) across distributed infrastructure
  • Build automated response playbooks and orchestration workflows to contain threats with minimal human intervention and auto-remediate compromised inference endpoints
  • Lead security incident response across Cloud, AppSec, Enterprise, and AI Security; coordinate investigations of training pipeline attacks and model manipulation, and draft incident communications for engineering and leadership
  • Proactively hunt for threats across GPU clusters and training infrastructure, analyze model outputs for signs of compromise, reproduce AI-specific vulnerabilities, and close visibility gaps

About the company

Writer logo

Writer

Writer is the generative AI platform for enterprises. We empower your people β€” product, operations, support, marketing, HR, and more β€” to maximize creativity and 10x productivity by transforming the way they work.Our secure platform snaps easily into your business data sources and delivers accurate answers and content that are fine-tuned on your own data and follow your own AI guardrails. We put generative AI in people’s hands right where they work so they can create, analyze, and govern with ease.Our platform is enterprise-grade, doesn’t use or share your data, and features open and transparent LLMs that are Writer-built and deployable in a variety of ways, including self-hosted. We're compliant with SOC 2 Type II, GDPR, HIPAA, and PCI, and are deployed at leading enterprises, including Intuit, Spotify, L’Oreal, Uber, and Deloitte. Visit us at writer.com.

Company details

Company typeScaleup
Company size51 - 200

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

πŸš€ About WRITER

WRITER is where the world's leading enterprises orchestrate AI-powered work. Our vision is to expand human capacity through superintelligence. And we're proving it's possible – through powerful, trustworthy AI that unites IT and business teams together to unlock enterprise-wide transformation. With WRITER's end-to-end platform, hundreds of companies like Mars, Marriott, Uber, and Vanguard are building and deploying AI agents that are grounded in their company's data and fueled by WRITER's enterprise-grade LLMs. Valued at $1.9B and backed by industry-leading investors including Premji Invest, Radical Ventures, and ICONIQ Growth, WRITER is rapidly cementing its position as the leader in enterprise generative AI.

Founded in 2020 with office hubs in San Francisco, New York City, Austin, Chicago, and London, our team thinks big and moves fast, and we're looking for smart, hardworking builders and scalers to join us on our journey to create a better future of work with AI.

πŸ“ About the role

Join WRITER's security team as a staff detection and response engineer and help protect the AI infrastructure that's transforming how the world works. You'll build sophisticated detection systems that identify attacks targeting our AI platform, training data, and model deployments while creating automated response capabilities that scale with our explosive growth. This isn't just traditional security work – you're defending cutting-edge AI/AGI systems against adversaries who are evolving their tactics as fast as AI itself advances.

This role combines hands-on security engineering with strategic thinking to stay ahead of novel threats that don't exist in textbooks yet. You'll be the operational arm of our security function, translating threat intelligence into real-time detections, coordinating incident response across multiple teams, and hunting for sophisticated attacks across GPU clusters and distributed training environments. If you're excited by the challenge of securing systems that are fundamentally different from anything you've protected before, this is your opportunity to define what AI security engineering looks like at scale.

You'll work closely with our AI Security research team, Cloud Infrastructure, Software Security Engineering, and AI researchers to build a defense-in-depth strategy that protects one of the most valuable AI platforms in the industry. The threats are real, the stakes are high, and the problems are intellectually fascinating.

This role can be based in San reporting to our head of security operations.

πŸ¦ΈπŸ»β€β™€οΈ What you’ll do

  • Design and implement detection strategies that identify AI-specific threats including prompt injection, model extraction, data poisoning, adversarial examples, and unauthorized access to training datasets or model weights across our distributed infrastructure

  • Build automated response playbooks and orchestration workflows that contain threats without human intervention, creating self-healing security systems that reduce mean time to response from hours to minutes while automatically remediating compromised inference endpoints

  • Lead security incident response coordination across all teams (Cloud, AppSec, Enterprise, AI Security) when AI infrastructure or models are compromised, conducting forensic investigations on training pipeline attacks and model manipulation attempts while drafting clear incident communications for engineering and executive leadership

  • Hunt proactively for sophisticated threats across GPU clusters and training infrastructure by analyzing model outputs for signs of compromise, reproducing AI-specific vulnerabilities from security research, and identifying visibility gaps in distributed training environments before adversaries exploit them

  • Build detection-as-code frameworks with version control and automated deployment, onboard telemetry from AI training infrastructure and inference endpoints, and create dashboards that track model security metrics, GPU utilization patterns, and access to sensitive research data

  • Collaborate cross-functionally as the operational security partner for all teams – translating AI Security's threat research into production detections, monitoring Cloud Infrastructure's GPU clusters for threats, detecting customer-impacting incidents for Software Security Engineering, and enabling responsible AI development through security guardrails

  • Maintain 24/7 on-call rotation for critical AI security incidents, responding to real-time threats targeting our platform while continuously improving detection coverage and automation capabilities as our AI systems evolve

⭐️ What you need

  • 3-5+ years in security operations, detection engineering, or incident response with a proven track record of identifying and stopping sophisticated attacks in production environments, plus 3+ years specifically securing AI/ML infrastructure, high-performance computing environments, or other distributed systems at scale

  • Strong programming skills in Python, KQL, SPL, or similar languages that allow you to build custom detection logic, automate response workflows, and create tools that operationalize security at scale across cloud-native and distributed computing environments

  • Experience with SIEM platforms, detection technologies, and forensic investigation techniques with demonstrated ability to build detection for novel attack techniques that don't have established patterns yet and to conduct forensics in complex distributed environments

  • Self-directed execution mindset with a track record of securing high-value intellectual property, automating incident response in complex environments, and identifying critical security gaps through proactive threat hunting before they become incidents

  • Deep alignment with WRITER's values – you naturally Connect across security, infrastructure, and AI research teams to build comprehensive defenses, you Challenge assumptions about what's possible in AI security engineering, and you Own the protection of our AI platform with unwavering accountability and a commitment to staying ahead of evolving threats

🍩 Benefits & perks (UK full-time employees):

  • Generous PTO, plus company holidays

  • Comprehensive medical and dental insurance

  • Paid parental leave for all parents (16 weeks)

  • Fertility and family planning support

  • Early-detection cancer testing through Galleri

  • Competitive pension scheme and company contribution

  • Annual work-life stipends for:

    • Wellness stipend for gym, massage/chiropractor, personal training, etc.

    • Learning and development stipend

  • Company-wide off-sites and team off-sites

  • Competitive compensation and company stock options

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
Β·

Security Engineer Related jobs

Other jobs at Writer

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.