Security Engineer, Automation
Role Overview
As a Security Engineer focused on automation at Mercor, you will develop solutions to enhance the efficiency of the security team, effectively amplifying its capabilities. This senior-level role involves building pipelines for secrets migration, automating security workflows, and integrating security tools to eliminate manual processes. Your contributions will directly impact the effectiveness and scalability of security operations within the organization.
Perks & Benefits
Mercor offers equity ownership in a profitable company, along with relocation support to major cities such as San Francisco, NYC, or London. Employees enjoy a daily meal stipend, premium fitness memberships, and comprehensive health insurance. The role allows for remote work flexibility on specific days, fostering a culture of innovation and ownership from day one, especially in leveraging AI tools for automation.
Full Job Description
About Mercor
Mercor is defining the future of work. We partner with leading AI labs and enterprises to provide the human intelligence essential to AI development.
Our vast talent network trains frontier AI models in the same way teachers teach students: by sharing knowledge, experience, and context that can't be captured in code alone. Today, more than 30,000 experts in our network collectively earn over $2 million a day.
Mercor is creating a new category of work where expertise powers AI advancement. Achieving this requires an ambitious, fast-paced and deeply committed team. You’ll work alongside researchers, operators, and AI companies at the forefront of shaping the systems that are redefining society.
Mercor is a profitable Series C company valued at $10 billion. We work in-person five days a week in our San Francisco, NYC, or London offices.
You'll be the force multiplier for a security team that needs to operate like it's three times its size. There are secrets to migrate to Vault, detection rules to write, SAST/DAST pipelines to tune, lifecycle workflows to automate, and security tooling to integrate across every surface. This is not a DevOps role with a security label. You'll build the automation layer that makes a lean security team operate at multiples of its size - writing the pipelines, integrations, and tooling that eliminate manual work and accelerate every security function.
We use AI heavily in our own security work. You should be comfortable building alongside AI code-gen tools, using LLMs to accelerate development, and treating automation as the default answer to any repeatable process. If you see a manual workflow and immediately think about how to script it, you'll fit in here.
We're in-person five days a week at our SF headquarters, with first Fridays remote.
What You'll Build:
Secrets migration pipelines - moving application secrets into HashiCorp Vault with zero downtime
Security orchestration and automated response (SOAR) workflows - connecting alerts from Panther SIEM, SentinelOne EDR, and Wiz CSPM into automated investigation and response playbooks
SAST/DAST pipeline tuning - reducing false positives, integrating findings into developer workflows, and building feedback loops that improve signal over time
Identity lifecycle automation - onboarding/offboarding workflows that provision and deprovision access across 53+ SaaS applications via Okta
Detection-as-code pipelines - version-controlled detection rules that deploy through CI/CD, with testing and validation built in
Security metrics and reporting dashboards - automated collection of KPIs that give leadership visibility without manual spreadsheet work
What We're Looking For
You've built automation that a security team relies on daily - not just proof-of-concept scripts
Strong software engineering skills in Python, TypeScript, or Go - you write production-quality code with tests, error handling, and documentation
Experience with CI/CD systems (GitHub Actions, CircleCI, or similar) - you've built pipelines, not just used them
Familiarity with secrets management (HashiCorp Vault, AWS Secrets Manager) - migration, rotation, and dynamic credential patterns
Experience integrating security tools via APIs - SIEMs, EDR, CSPM, identity providers, ticketing systems
You understand detection engineering well enough to write and tune rules, even if it's not your primary focus
5+ years of professional experience in security engineering, security automation, DevSecOps, or software engineering with a security focus
Bonus Points
Experience with SOAR platforms or building custom orchestration workflows
Familiarity with infrastructure-as-code (Terraform, CloudFormation) and GitOps patterns
Experience automating compliance evidence collection (SOC 2, ISO 27001)
You've built integrations between identity providers (Okta, Azure AD) and downstream systems
Background in detection engineering - writing Sigma rules, Panther detections, or similar
You've measured and demonstrated the ROI of security automation in a previous role
Why Mercor
Maximum leverage. Every automation you build multiplies the output of the entire security team. You'll see direct, measurable impact on team capacity.
AI-native automation. You'll use frontier AI tools daily - for code generation, pipeline development, and anything that benefits from an AI co-pilot.
Ownership from day one. You'll own the entire security automation domain - from secrets management to SOAR to detection pipelines.
See the future early. Working alongside AI labs means you'll understand frontier model capabilities months before the market.
Benefits
Equity ownership in a high-growth, profitable company
Relocation support to San Francisco, NYC, or London as needed
Housing support near our SF office
Daily meal stipend
Premium fitness membership at Equinox
Comprehensive health insurance
Similar jobs
Found 6 similar jobs