
Senior Security Engineer
Mixpanel's Information Security Team — a small, high-impact group building a frictionless security program — is hiring a Senior Security Engineer to serve as the domain expert for Detection & Response. You will integrate telemetry from across the ecosystem (Product, Cloud, Corporate Infrastructure, Identity) into a unified, high-fidelity detection and response engine, and act as the primary technical lead for security incidents during EMEA hours. The team operates at the intersection of business strategy and technical execution, with a broad generalist skill set spanning vulnerability management, threat detection and access management, and a constant focus on automation. Compensation range: £103,000 - £139,500 GBP total target cash, plus equity.
Responsibilities
- ▹Own the Detection & Response domain, integrating telemetry across Product, Cloud, Corporate Infrastructure and Identity into a unified detection and response engine
- ▹Translate high-level project requirements and technical scoping documents into actionable milestones, managing delivery and cross-functional results
- ▹Design and implement precise, actionable alerting within Google Security Operations (SIEM/SOAR), treating detections as code at high data volume
- ▹Develop detection logic and playbooks against application-layer abuse, customer account takeover (ATO) and sophisticated social engineering
- ▹Serve as primary technical lead for security incidents during EMEA hours, driving investigations, containment and cross-functional communication
- ▹Evolve the threat intelligence program by identifying relevant adversaries and translating tactical intel into proactive SIEM/SOAR logic
- ▹Maintain the operational health and telemetry flow of the core security stack, including SentinelOne, GCP Security Command Center and Mimecast Incydr
Requirements
- ▹Security engineering foundations across Product, Cloud and Corporate Security, including IAM, threat modeling and secure code reviews
- ▹Deep understanding of the detection-as-code lifecycle and turning raw telemetry into precise, actionable alerting for a high-scale SaaS environment
- ▹Operational execution: managing a high volume of daily security tasks, from vulnerability triage to investigating suspicious activity
- ▹Proficiency with the Google Cloud Platform ecosystem (Cloud Logging, BigQuery, Pub/Sub) for automated security data pipelines
- ▹Python proficiency for automated workflows and API-based tool integration; comfort leveraging AI/LLMs for autonomous security workflows such as alert enrichment, incident summarization and AI-assisted code analysis
Nice to have
- ▹Threat intelligence maturity: dark web monitoring, brand protection and adversary tactics integrated into automated workflows
- ▹Security outreach and mentorship, e.g. leading Security Champions initiatives
- ▹Deception and canary strategies (honeytokens, canary credentials, fake internal endpoints)
- ▹Experience with enterprise security tools such as EDR, email security gateways and cloud-native security command centers
- ▹Experience defending high-volume SaaS/analytics-scale environments
- ▹Offensive security exposure: vulnerability coordination platforms, automated external scanning, bug bounty program findings
Soft skills
What we offer
- ▹Total target cash compensation of £103,000 - £139,500 GBP plus equity
- ▹Comprehensive medical, vision and dental care
- ▹Mental wellness benefit
- ▹Generous vacation policy and additional company holidays
- ▹Enhanced parental leave
- ▹Volunteer time off
About the company
Mixpanel turns data clarity into innovation. Trusted by more than 29,000 companies, including Workday, Pinterest, LG and Rakuten Viber, its AI-first digital analytics platform combines product and web analytics, session replay, experimentation, feature flags and metric trees. Mixpanel has raised $277M from investors such as Andreessen Horowitz, Sequoia, YC and Bain Capital.