Lead Security Detection Response Engineer

Why Join AngelList  We’re solving some of the hardest problems in venture capital and private markets. You’ll work with a team that values precision, urgency, and long-term thinking. If you want to shape how startups are funded and built, this is the place. About AngelList We exist to accelerate innovation by increasing the number of successful startups in the world. We do this by building the financial infrastructure that makes it easier for more people to invest in world-changing companies. AngelList is the nexus of venture capital and the startup community. We support $171B+ in assets and have powered investments into over 13,000 startups—over 300 of which are unicorns. Today, 57% of top-tier U.S. VC deals involve investors on AngelList. While our scale is large, our ambition is larger. If you're excited to build the future of private markets, come build with us. About the Role At AngelList, security is a creative function. You'll design systems that see what others miss. You'll write detection logic that actually means something. You'll build workflows that put the right alert in front of the right person at the right moment, not a firehose of noise that everyone learns to ignore. This role has enormous scope. You'll work across product, infrastructure, and support. You'll decide what "good" looks like for how we respond to threats, both the obvious ones and the weird edge cases that keep you up at night. You'll be the person who notices the pattern before it becomes a problem. We're looking for someone who sees AI as a lever, not a threat. Someone who's already thinking about how detection and response changes when you can automate judgment, not just rules. Someone who finds the current security playbook boring, because it is. You'll report to the Head of Security and operate as a strategic partner, not a ticket-taker. If you want to reinvent what this function can be, we want to talk. What You Will Do

Build and operate the full detection and response stack, from log ingestion to incident triage

Develop, tune, and maintain high-signal detection rules based on AngelList’s top risks

Respond to and lead investigation of security events, including cross-functional incident coordination

Automate alert triage workflows and reduce manual operational overhead

Continuously hunt for threats and improve our ability to detect and respond to novel attacks

Create tools to gather telemetry data from production systems and surface meaningful signals

Author and maintain runbooks and incident playbooks to drive consistency and clarity in response

Harness AI to scale triage, detection, and response—while understanding its blind spots

What We’re Looking For

7+ years of experience in security monitoring, incident response, and threat hunting in cloud environments

Experience leading complex investigations with multiple stakeholders

Demonstrated ownership of a full detection and response function

Broader experience across other security engineering disciplines (e.g., product security, infra)

Expertise in AWS security controls and services

Deep understanding of SIEM and SOAR platforms and their configuration

Familiarity with offensive techniques and real-world compromise scenarios

Strong working knowledge of adversary TTPs and MITRE ATT&CK

Hands-on experience with log analysis, anomaly detection, and correlation at scale

Operating system internals and forensic analysis (Linux, macOS, Windows)

Ability to analyze endpoint, network, and application telemetry

Experience scripting or coding to automate detection and triage workflows

Familiarity with DevOps toolsets and production environments

Clear, concise communicator who can work across technical and non-technical teams

Leadership mindset with a strong bias toward action and results