Supabase
51 - 200 employees
Founded 2020
☁️ SaaS
🔌 API
🤖 Artificial Intelligence
💰 $80M Series B on 2022-05
SaaS • API • Artificial Intelligence
Supabase is an open source alternative to Firebase, providing a range of backend tools designed to help developers start and scale their applications effectively. It offers features such as a full Postgres database, authentication with Row Level Security, instant APIs, Edge Functions for custom code, real-time data synchronization, and storage for large files. Developers can integrate machine learning models, utilize RESTful APIs, and take advantage of platform-integrated best of breed products. Supabase is designed to be highly portable, extendable, and user-friendly, making it a powerful choice for startups and enterprises looking to innovate quickly and efficiently.
Anti Abuse Engineer
Job not on LinkedIn
🔥 0 minutes ago
📊 Check your resume score for this job
Improve your chances of getting an interview by checking your resume score before you apply.
Supabase
51 - 200 employees
Founded 2020
☁️ SaaS
🔌 API
🤖 Artificial Intelligence
💰 $80M Series B on 2022-05
SaaS • API • Artificial Intelligence
Supabase is an open source alternative to Firebase, providing a range of backend tools designed to help developers start and scale their applications effectively. It offers features such as a full Postgres database, authentication with Row Level Security, instant APIs, Edge Functions for custom code, real-time data synchronization, and storage for large files. Developers can integrate machine learning models, utilize RESTful APIs, and take advantage of platform-integrated best of breed products. Supabase is designed to be highly portable, extendable, and user-friendly, making it a powerful choice for startups and enterprises looking to innovate quickly and efficiently.
📋 Description
• Monitor inbound abuse signals across platform telemetry, HackerOne reports, support queues, and internal alerting pipelines. • Triage abuse cases end-to-end, assessing severity and blast radius, classifying actor types, and routing to the correct response track. • Own the abuse case queue with clear SLAs to ensure no active threats age out without a definitive decision. • Identify complex patterns across distinct cases that point toward coordinated campaigns or emerging attack techniques. • Lead response efforts for active abuse incidents, coordinating closely with Platform and Infrastructure teams to execute containment actions and drive remediation to closure. • Write clear, timely communications to affected users and internal stakeholders throughout the lifecycle of an incident. • Conduct thorough post-incident reviews, feeding findings back into detection rules, runbooks, and platform controls. • Maintain and improve incident runbooks to ensure response execution is consistent, scalable, and reproducible across time zones. • Build and tune detection logic against platform telemetry and Supabase-native data sources, including Postgres query patterns, Edge Function invocations, auth anomalies, and storage abuse. • Automate repetitive triage and response actions to aggressively reduce manual toil, increase response speed, and improve consistency. • Contribute to the Anti-Abuse Platform architecture, optimizing the blocklist schema, the remediation action ladder (L1–L4), and enforcement pipelines. • Instrument metrics for detection coverage and alert fidelity, closely tracking false positive rates, detection latency, and remediation time. • Maintain and improve the abuse operations toolchain, including case management systems, escalation workflows, and engineering reporting dashboards. • Partner with Core Engineering to design and implement platform-layer controls that eliminate abuse vectors by design rather than by reactive response. • Support Supabase for Platforms (SfP) customers by operationalizing the centralized Anti-Abuse platform for enterprise-grade use cases.
🎯 Requirements
• 3+ years of experience in a security operations, trust & safety, or abuse-focused engineering role at a cloud-native product or platform company. • Possess hands-on experience with detection logic, including writing rules, tuning thresholds, and reducing noise in high-volume, highly complex signal environments. • Demonstrate a proven ability to run incident response end-to-end (triage, containment, communication, and postmortems). • Are proficient in SQL and a scripting language (Python heavily preferred) for log analysis, pattern detection, and building automation workflows. • Are deeply familiar with abuse actor techniques, such as credential stuffing, account takeover (ATO), compute abuse, exfiltration, and spam/phishing infrastructure. • Thrive operating async-first in a globally distributed team — you write clearly, default to explicit documentation, and close loops without needing reminders.
🏖️ Benefits
• Fully Remote • ESOP • Tech Allowance • Health Benefits • Annual Off-Sites • Flexible Work • Professional Development
Apply Now
