Anti Abuse Engineer

Responsibilities

• Monitor inbound abuse signals across platform telemetry, HackerOne reports, and internal alerting pipelines
• Triage abuse cases end-to-end, assessing severity, classifying actor types, and routing response tracks
• Lead incident response efforts, coordinating with Platform and Infrastructure teams for containment and remediation
• Build and tune detection logic against platform telemetry, including Postgres query patterns and auth anomalies
• Automate repetitive triage and response actions to reduce manual toil and increase response speed
• Conduct thorough post-incident reviews and maintain incident runbooks to ensure scalable response

Requirements

• 3+ years of experience in security operations, trust & safety, or abuse-focused engineering at a cloud-native company
• Hands-on experience with detection logic, including writing rules and tuning thresholds in complex environments
• Proven ability to manage end-to-end incident response (triage, containment, communication, and postmortems)
• Proficiency in SQL and a scripting language, with a strong preference for Python
• Deep familiarity with abuse techniques such as credential stuffing, account takeover (ATO), and API scraping

Preferred Qualifications

• Experience with Postgres, PostgREST, or Supabase platform internals
• Experience building or operating a multi-tenant abuse detection or trust & safety platform
• Familiarity with threat intelligence feeds and IOC enrichment pipelines
• Exposure to modern SIEM tooling such as Splunk, Datadog, or Scanner.dev

Benefits

• Fully remote work environment with a WeWork membership or co-working allowance
• Equity ownership (ESOP) for every team member
• Tech allowance to set up your ideal workspace
• 100% covered health insurance for employees and 80% for dependents
• Annual company-wide off-sites for connection and collaboration
• Annual professional development and education allowance

About the Company

Supabase is the Postgres development platform, built by developers for developers. We provide a complete backend solution including Database, Auth, Storage, Edge Functions, Realtime, and Vector Search. We are a globally distributed, remote-first team dedicated to the open-source ecosystem.