Security Engineer, Automation

About Mercor

Mercor is defining the future of work. We partner with leading AI labs and enterprises to provide the human intelligence essential to AI development. Our vast talent network trains frontier AI models in the same way teachers teach students: by sharing knowledge experience and context that cant be captured in code alone. Today more than 30000 experts in our network collectively earn over $2 million a day.

Mercor is creating a new category of work where expertise powers AI advancement. Achieving this requires an ambitious fast-paced and deeply committed team. Youll work alongside researchers operators and AI companies at the forefront of shaping the systems that are redefining society. Mercor is a profitable Series C company valued at $10 billion. We work in-person five days a week in our San Francisco NYC or London offices.

Youll be the force multiplier for a security team that needs to operate like its three times its size. There are secrets to migrate to Vault detection rules to write SAST/DAST pipelines to tune lifecycle workflows to automate and security tooling to integrate across every surface. This is not a DevOps role with a security label. Youll build the automation layer that makes a lean security team operate at multiples of its size - writing the pipelines integrations and tooling that eliminate manual work and accelerate every security function.

We use AI heavily in our own security work. You should be comfortable building alongside AI code-gen tools using LLMs to accelerate development and treating automation as the default answer to any repeatable process. If you see a manual workflow and immediately think about how to script it youll fit in here.

Were in-person five days a week at our SF headquarters with first Fridays remote.

What Youll Build:

• Secrets migration pipelines - moving application secrets into HashiCorp Vault with zero downtime

• Security orchestration and automated response (SOAR) workflows - connecting alerts from Panther SIEM SentinelOne EDR and Wiz CSPM into automated investigation and response playbooks

• SAST/DAST pipeline tuning - reducing false positives integrating findings into developer workflows and building feedback loops that improve signal over time

• Identity lifecycle automation - onboarding/offboarding workflows that provision and deprovision access across 53 SaaS applications via Okta

• Detection-as-code pipelines - version-controlled detection rules that deploy through CI/CD with testing and validation built in

• Security metrics and reporting dashboards - automated collection of KPIs that give leadership visibility without manual spreadsheet work

What Were Looking For

• Youve built automation that a security team relies on daily - not just proof-of-concept scripts

• Strong software engineering skills in Python TypeScript or Go - you write production-quality code with tests error handling and documentation

• Experience with CI/CD systems (GitHub Actions CircleCI or similar) - youve built pipelines not just used them

• Familiarity with secrets management (HashiCorp Vault AWS Secrets Manager) - migration rotation and dynamic credential patterns

• Experience integrating security tools via APIs - SIEMs EDR CSPM identity providers ticketing systems

• You understand detection engineering well enough to write and tune rules even if its not your primary focus

• 5 years of professional experience in security engineering security automation DevSecOps or software engineering with a security focus

Bonus Points

• Experience with SOAR platforms or building custom orchestration workflows

• Familiarity with infrastructure-as-code (Terraform CloudFormation) and GitOps patterns

• Experience automating compliance evidence collection (SOC 2 ISO 27001)

• Youve built integrations between identity providers (Okta Azure AD) and downstream systems

• Background in detection engineering - writing Sigma rules Panther detections or similar

• Youve measured and demonstrated the ROI of security automation in a previous role

Why Mercor

• Maximum leverage. Every automation you build multiplies the output of the entire security team. Youll see direct measurable impact on team capacity.

• AI-native automation. Youll use frontier AI tools daily - for code generation pipeline development and anything that benefits from an AI co-pilot.

• Ownership from day one. Youll own the entire security automation domain - from secrets management to SOAR to detection pipelines.

• See the future early. Working alongside AI labs means youll understand frontier model capabilities months before the market.

Benefits

• Equity ownership in a high-growth profitable company

• Relocation support to San Francisco NYC or London as needed

• Housing support near our SF office

• Daily meal stipend

• Premium fitness membership at Equinox

• Comprehensive health insurance

Required Experience:

IC