Member of Technical Staff - Incident Detection & Response

Описание вакансии

Our Mission

Reflection’s mission is to build open superintelligence and make it accessible to all.

We’re developing open weight models for individuals, agents, enterprises, and even nation states. Our team of AI researchers and company builders come from DeepMind, OpenAI, Google Brain, Meta, Character.AI, Anthropic and beyond.

Role Overview

Reflection is looking for a Member of Technical Staff - Incident Detection & Response to build our detection and response capabilities from the ground up. You will have a high level of autonomy to architect solutions and drive them through both technical and organizational adversity. This role is ideal for an engineer who thrives in high-ownership, low-structure environments and has a strong "0 to 1" mindset.

Key Responsibilities

• Establish and lead the IDR/DFIR function, bringing an opinionated perspective on how to build a world-class program from scratch
• Design and build the IDR infrastructure required to collect, aggregate, and route logs across geographically disparate Kubernetes clusters hosted across multiple cloud providers
• Develop high-fidelity alerting systems that balance large log volumes with the need to minimize alert fatigue
• Identify risks and implement mitigations for agentic AI assistants (e.g., OpenClaw, Claude Code) and protect critical assets like model weights and training data.
• Develop containment mechanisms and entity-tracking pipelines that span laptops, SaaS platforms, and cloud/Kube infrastructure
• Develop, maintain, and test incident response playbooks

Required Qualifications

• Experience bootstrapping an IDR or DFIR function from scratch
• Familiarity with modern SIEM/SOAR systems
• Experience working with various EDR/XDR platforms
• Strong proficiency in macOS and Linux environments
• Extensive experience working with diverse log sources including but not limited to GCP, AWS, Azure, Google Workspace, major SaaS platforms, and neocloud providers such as Together.ai, Anyscale, VoltagePark, Nvidia, GMI Cloud, etc.
• Expertise in managing and building on Kubernetes clusters, including deploying and managing IDR tooling in multi-cloud Kubernetes environments
• Well-founded opinions on how to detect and mitigate risk around agentic AI assistants
• Familiarity with browser and memory forensics techniques
• Experience with major telemetry aggregation, filtering, and routing systems such as Cribl or BindPlane
• Comfort with Python and Golang

What We Offer:

We believe that to build superintelligence that is truly open, you need to start at the foundation. Joining Reflection means building from the ground up as part of a small talent-dense team. You will help define our future as a company, and help define the frontier of open foundational models.

We want you to do the most impactful work of your career with the confidence that you and the people you care about most are supported.

• Top-tier compensation: Salary and equity structured to recognize and retain the best talent globally.
• Health & wellness: Comprehensive medical, dental, vision, life, and disability insurance.
• Life & family: Fully paid parental leave for all new parents, including adoptive and surrogate journeys. Financial support for family planning.
• Benefits & balance: paid time off when you need it, relocation support, and more perks that optimize your time.
• Opportunities to connect with teammates: lunch and dinner are provided daily. We have regular off-sites and team celebrations.