Anti Abuse Engineer

This is a fully remote position, open to applicants in Asia.

📋 Description

• Oversee incoming abuse signals across platform telemetry, HackerOne submissions, support queues, and internal alerting systems.

• Manage abuse cases from start to finish, evaluating severity and impact, classifying types of actors, and directing to the appropriate response pathway.

• Take ownership of the abuse case queue with defined SLAs to ensure timely resolution of active threats without allowing them to age without a conclusive decision.

• Recognize intricate patterns across various cases that indicate coordinated campaigns or new attack methodologies.

• Spearhead response initiatives for ongoing abuse incidents, closely collaborating with Platform and Infrastructure teams to implement containment measures and ensure successful remediation.

• Compose clear and timely communications to both affected users and internal stakeholders throughout the incident lifecycle.

• Perform comprehensive post-incident analyses, integrating insights back into detection protocols, operational procedures, and platform controls.

• Enhance and maintain incident runbooks to guarantee consistent, scalable, and reproducible response execution across different time zones.

• Develop and refine detection logic utilizing platform telemetry and Supabase-native data sources, including Postgres query patterns, Edge Function calls, authentication anomalies, and storage misuse.

• Automate repetitive triage and response processes to significantly reduce manual tasks, accelerate response times, and improve consistency.

• Contribute to the architecture of the Anti-Abuse Platform by optimizing the blocklist schema, remediation action ladder (L1–L4), and enforcement workflows.

• Implement metrics for detection coverage and alert accuracy, closely monitoring false positive rates, detection speed, and remediation duration.

• Manage and enhance the abuse operations toolchain, which includes case management systems, escalation workflows, and engineering reporting dashboards.

• Collaborate with Core Engineering to design and implement platform-layer controls that proactively eliminate abuse vectors rather than relying on reactive measures.

• Assist Supabase for Platforms (SfP) customers by operationalizing the centralized Anti-Abuse platform for enterprise-level applications.

⛳️ Requirements

• A minimum of 3 years of experience in security operations, trust & safety, or abuse-focused engineering roles within a cloud-native product or platform organization.

• Hands-on experience with detection logic, including crafting rules, adjusting thresholds, and minimizing noise in high-volume, complex signal environments.

• Proven track record of managing incident response processes from start to finish (triage, containment, communication, and postmortems).

• Proficient in SQL and a scripting language (Python is strongly preferred) for log analysis, pattern recognition, and creating automation workflows.

• Well-versed in abuse actor techniques such as credential stuffing, account takeover (ATO), compute abuse, data exfiltration, and spam/phishing infrastructure.

• Excel in asynchronous operations within a globally distributed team — you communicate clearly, prioritize explicit documentation, and follow through on tasks without needing reminders.

🏝️ Benefits

• Fully Remote

• ESOP

• Tech Allowance

• Health Benefits

• Annual Off-Sites

• Flexible Work

• Professional Development