Senior Security Incident Detection Engineer

This opportunity would be with Tools for Humanity. About the Orb

Worldcoin's launch requires a "Proof-of-Personhood" : a way to determine someone is human (not a bot) and hasn't already claimed their free share of Worldcoin.

This is why we developed the Orb.

Applying for this role is straight forward Scroll down and click on Apply to be considered for this position.

The Orb is an advanced biometric imaging device, custom-designed for Worldcoin's launch. Orbs are deployed to a global network of operators, who use the device to onboard new Worldcoin users.

During this onboarding, the Orb generates an encoding of each user's iris and submits it to Worldcoin's backend. For more details on how the Orb is part of Worldcoin's privacy-preserving approach to Proof-of-Personhood, see the Worldcoin whitepaper.

The Orb solves a fierce combination of engineering and UX challenges, centered around image quality, security, and ease-of-use.

Each device has an advanced iris imaging system, designed to work consistently across real-world lighting conditions. An additional suite of sensors feeds into an onboard fraud detection system, enabling use in insecure environments.

These systems are combined in a sleek industrial design with a simple, minimalist user interface.

About the Team

For Worldcoin to launch successfully on a global scale, we need to both ensure fairness and build trust with our users. Therefore, it is essential to prevent fraud, protect privacy, and ensure availability.

Beyond regular company security the goal of security at Worldcoin is to deploy an edge device to unsecured environments. We consider a wide range of threats that span tampering with the device, spoofing the device as well as backend attacks.

The cross-disciplinary nature of this team requires interfacing with various other teams across the company including Economics, AI, Backend and Orb Software.

We are a small security team and you will have a huge impact!

About the Opportunity

• Engineer and manage solutions to bolster our security incident detection and response capabilities.
• Engage in proactive threat assessments and purple team activities
• Develop and maintain a robust detection as code SIEM strategy
• Perform security audits on business applications and in-house systems to identify visibility gaps and advanced custom detection signals
• Provide valuable insights into the organization's security posture

About You

• Expert-level proficiency with SIEM solutions, capable of architecting monitoring dashboards and fine-tuning alerting systems for low-noise, high-impact incident detection.
• Expert experience threat modeling and threat hunting to proactively advance the organization’s security posture
• Ability to write and maintain detection as code and develop complex, high fidelity custom detection signals
• Proficient in creating and executing security audits on business applications and internal systems, with the ability to drive actionable improvements based on audit findings.
• A strong advocate for security awareness, capable of designing and leading internal programs to elevate organizational security consciousness.
• 7+ years of hands-on experience in Detection Engineering or closely related roles.

Nice To Have :

• Previous experience in leading purple team initiatives or incident response simulations.
• Demonstrable scripting skills in languages like Python, Bash, or Go to automate tasks and develop custom tooling.
• Experience in leading or mentoring less experienced team members in the realm of security operations.
• Experience with regulatory compliance standards such as SOC 2, ISO 27001 or GDPR.
• A portfolio of public talks, blogs, or research papers on relevant security topics is a plus.

J-18808-Ljbffr