Senior Security Engineer

Mixpanel
London; UK ( ), GB
Hybrid

Who this role is best for

Best suited to senior security engineers with expertise in cloud data and automation, working in a high-impact, lean team environment in London.

Best fit for

  • Security generalists comfortable balancing compliance with proactive initiatives.
    — “strategically balance necessary compliance work with proactive initiatives
  • Engineers who thrive in small teams with high ownership.
    — “We are a lean team by design, and we succeed or fail together
  • Candidates with deep detection-as-code lifecycle experience.
    — “A deep understanding of the detection-as-code lifecycle

Things to consider

  • Primary technical lead for security incidents during EMEA hours.
    — “Serve as the primary technical lead for security incidents during EMEA hours
  • Requires proficiency in Google Cloud Platform ecosystem.
    — “Proficiency with the Google Cloud Platform ecosystem

How to stand out

  • Demonstrate experience integrating AI into security workflows.
    — “leveraging AI and LLMs to build autonomous security workflows
  • Highlight specific examples of threat intelligence integration.
    — “Experience evaluating and embedding external intelligence
  • Showcase mentorship or security outreach initiatives.
    — “Experience leading "Security Champions" initiatives
Pace · Fast PacedCollaboration · HighAutonomy · HighDecision Impact · CompanyLevel · Senior

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • Build a unified detection and response engine
  • Develop specialized detection logic
  • Ensure operational health of security stack
Typical background
security engineeringdetection & response

Skills & requirements

Required

Detection & ResponseSiem/soarThreat DetectionAccess ManagementVulnerability ManagementAutomationGoogle Security Operations

Preferred

Cloud SecurityIdentity And Access ManagementSecure Code Reviews

Stack & domain

Security EngineeringDetection And ResponseTelemetryGoogle Security OperationsSiem/soarThreat IntelligenceSentineloneGcp Security Command CenterMimecast IncydrIdentity (iam)Threat ModelingSecure Code ReviewsCommunicationTeamworkAdaptabilitySecurityCloud Security

About the role

Original posting from Mixpanel via Greenhouse

About Mixpanel

Mixpanel turns data clarity into innovation. Trusted by more than 29,000 companies, including Workday, Pinterest, LG, and Rakuten Viber, Mixpanel’s AI-first digital analytics help teams accelerate adoption, improve retention, and ship with confidence. Powering this is an industry-leading platform that combines product and web analytics, session replay, experimentation, feature flags, and metric trees. Mixpanel delivers insights that customers trust. Visit mixpanel.com to learn more.

About the Information Security Team

We believe security isn't just a function—it's a platform for bold ideas. The Information Security Team at Mixpanel is a small, high-impact group committed to building a frictionless security program that serves as a model for our company and the broader industry. This is a team for those who are never satisfied, who dream big, and who have the resilience to see those ideas through.

We operate at the intersection of business strategy and technical execution, where we are critical partners to every team at Mixpanel. Our work requires a broad, generalist skill set across vulnerability management, threat detection, and access management. We strategically balance necessary compliance work with proactive initiatives, with a constant focus on automation as the path to a more efficient security program.

We use our expertise in a variety of well-known security platforms and tools to create seamless, automated processes that empower our peers. We are a lean team by design, and we succeed or fail together, committed to transparent communication and a strong sense of ownership.

Responsibilities

Domain Ownership: Serve as the domain expert for Detection & Response, integrating telemetry from across our entire ecosystem—including Product, Cloud, Corporate Infrastructure, and Identity—to build a unified, high-fidelity detection and response engine.

Technical Project Execution: Translate high-level project requirements and technical scoping documents into actionable milestones, managing task delivery and driving cross-functional results.

Architect Modern Detection: Design and implement precise, actionable alerting within Google Security Operations (SIEM/SOAR), treating detections as code and ensuring they scale with our high-volume data ingestion.

Combat Modern Threats: Develop specialized detection logic and playbooks to identify and mitigate application-layer abuses, customer account-targeted events (ATO), and sophisticated social engineering.

Operational Lead (EMEA): Serve as the primary technical lead for security incidents during EMEA hours, driving investigations, containment efforts, and cross-functional communication.

Build Threat Intelligence: Evolve Mixpanel’s threat intelligence program by identifying relevant adversaries and translating tactical intel into proactive SIEM/SOAR logic.

Infrastructure Management: Ensure the operational health and telemetry flow of our core security stack—including SentinelOne, GCP ****Security Command Center, and Mimecast Incydr—to maintain continuous visibility and alerting integrity.

We're Looking For Someone Who Has

Security Engineering Foundations: Experience operating across the core pillars of a modern security program—including Product, Cloud, and Corporate Security. You are comfortable navigating Identity (IAM), threat modeling, and secure code reviews as part of a unified team.

Detection & Response Specialization: A deep understanding of the detection-as-code lifecycle. You have experience turning raw telemetry into precise, actionable alerting and building the infrastructure required to defend a high-scale SaaS environment.

Operational Execution: The ability to manage a high volume of daily security tasks. You are prepared to handle a diverse range of responsibilities—from triaging vulnerabilities and policy violations to investigating suspicious activity across the entire stack.

Cloud Data Proficiency: Proficiency with the Google Cloud Platform ecosystem (specifically Cloud Logging, BigQuery, and Pub/Sub) to build automated security data pipelines and maintain visibility across high-volume environments.

Modern Automation & AI: Proficiency in Python to develop automated workflows and integrate security tools via APIs. You are comfortable leveraging AI and LLMs to build autonomous security workflows—such as automated alert enrichment, intelligent incident summarization, and AI-assisted code analysis—to drastically reduce time-to-context.

Bonus Points For

Threat Intelligence Maturity: Experience evaluating and embedding external intelligence—including dark web monitoring, brand protection, and adversary tactics—into a security program. You know how to identify where a specific intelligence source provides the most defensive value and how to integrate that data into automated workflows.

Security Outreach & Mentorship: Experience leading "Security Champions" initiatives or a demonstrated ability to elevate the security IQ of non-security teams. You help others think critically about threat identification and telemetry—explaining the "why" behind visibility requirements when building new features or onboarding third-party vendors.

Deception & Canary Strategies: Familiarity with deploying deception techniques (e.g., honeytokens, canary credentials, or "fake" internal endpoints) to provide high-fidelity signals of unauthorized lateral movement or credential misuse.

Platform & Infrastructure Experience: Prior experience with enterprise-grade security tools such as Endpoint Detection & Response (EDR), Email Security gateways, and Cloud-native Security Command Centers.

SaaS & Analytics Scale: Experience defending an environment with massive, high-volume data ingestion and complex user-access patterns similar to Mixpanel’s architecture.

Offensive Security Exposure: Experience with vulnerability coordination platforms, automated external scanning, or managing findings from bug bounty programs.

 

Compensation

The amount listed below is the total target cash compensation (TTCC) and includes base compensation and variable compensation in the form of either a company bonus or commissions. Variable compensation type is determined by your role and level. In addition to the cash compensation provided, this position is also eligible for equity consideration and other benefits including medical, vision, and dental insurance coverage. You can view our benefits offerings here.

Our salary ranges are determined by role and level and are benchmarked to the SF Bay Area Technology data cut released by Radford, a global compensation database. The range displayed represents the minimum and maximum TTCC for new hire salaries for the position across all of our US locations. To stay on top of market conditions, we refresh our salary ranges twice a year so these ranges may change in the future. Within the range, individual pay is determined by experience, job-related skills, qualifications, and other factors. If you have questions about the specific range, your recruiter can share this information.

Mixpanel Compensation Range£103,000—£139,500 GBPBenefits and Perks

Comprehensive Medical, Vision, and Dental Care

Mental Wellness Benefit

Generous Vacation Policy & Additional Company Holidays

Enhanced Parental Leave

Volunteer Time Off

Additional US Benefits: Pre-Tax Benefits including 401(K), Wellness Benefit, Holiday Break

*please note that benefits and perks for contract positions will vary*

Culture Values

Make Bold Bets: We choose courageous action over comfortable progress.

Innovate with Insight: We tackle decisions with rigor and judgment - combining data, experience and collective wisdom to drive powerful outcomes.

One Team: We collaborate across boundaries to achieve far greater impact than any of us could accomplish alone.

Candor with Connection: We build meaningful relationships that enable honest feedback and direct conversations.

Champion t

Source: Mixpanel careers (Greenhouse)

Similar roles