Detection & CorpSec Engineer; Remote
Casper, Natrona County, Wyoming, 82601, USA
Listed on 2026-06-09
IT/Tech
Cybersecurity, Systems Engineer
[ Quora is a privately held, "remote-first" company. This position can be performed remotely from anywhere in Canada or the United States. Please visit for details regarding employment eligibility by country. ]
About Quora:
Quora’s mission is to grow the world's collective intelligence. To do so, we have two platforms:
- Quora: a global knowledge sharing platform with over 300M monthly unique visitors, bringing people together to share insights on various topics and providing a unique platform to learn and connect with others.
- Poe: a platform providing millions of global users with one place to chat, explore and build with a wide variety of AI language models (bots), including GPT-5.4, Claude-Opus-4.6, Gemini-3.1-Pro, Nano-Banana-Pro, Veo-3.1, and more. As AI capabilities rapidly advance, Poe provides a single platform to instantly integrate and utilize these new models.
Behind these products are passionate, collaborative, and high-performing global teams. We have a culture rooted in transparency, idea-sharing, and experimentation that allows us to celebrate success and grow together through meaningful work. Join us on this journey to create a positive impact and make a significant change in the world.
This role will be supporting both our Quora and Poe products.
About the Team and Role:
Quora's Security team is responsible for protecting the company's most critical assets from both external threats and insider risks. We're a small, high-ownership team with a pragmatic, builder-oriented approach: we build where commercial solutions don't fit, leverage AI to work efficiently at scale, and move fast to stay ahead of real-world threats.
We're looking for a Detection & Corporate Security Engineer to strengthen both our preventative and detection capabilities across corporate and production environments. This is a genuinely hybrid role: you'll build and maintain detection systems while also owning the corporate security controls that protect our employee fleet and internal infrastructure. You'll work closely with our IT team, collaborate with existing security engineers on production-side coverage, and serve as a trusted security advisor to non-technical teams across the organization.
Responsibilities:
- Build and maintain a SIEM to collect and analyze logs from across corporate and production systems; write and deploy detections and alerts to identify malicious behavior.
- Design and deploy canary tokens and early warning mechanisms to detect threats before they reach critical assets.
- Investigate security incidents end-to-end — including malware analysis, exfiltration assessment, and timeline reconstruction — and build runbooks to scale response capabilities.
- Partner with IT to define and enforce security standards across the employee device fleet, including endpoint protection, managed device requirements, OS compliance, and VPN access controls.
- Drive the PoC and implementation of Zero-Trust VPN and other corporate security infrastructure.
- Provide security guidance and advisory support to non-engineering functions across the organization.
- Availability for meetings and impromptu communication during Quora's “coordination hours” (Mon-Fri: 9am-3pm Pacific Time).
- 5+ years of experience in security engineering, detection engineering, or a closely related field.
- Hands‑on experience building or maintaining SIEM infrastructure and writing detection rules.
- Experience with endpoint security tools (e.g. CrowdStrike or similar EDR platforms).
- Strong Python engineering skills with a track record of writing production code reviewed and shipped alongside software engineering teams.
- Experience conducting security incident investigations, including malware analysis, log review, timeline reconstruction, and threat modeling.
- Experience with corporate security controls, identity management, endpoint protection, and access control enforcement.
- Experience with SIEM/SOAR options such as Elastic/Splunk or alternatives.
- Familiarity with identity platforms such as Okta.
- Strong understanding of authentication technology such as OAuth, YubiKey, and passkeys.
- Experience with Zero-Trust network architecture…