opengreenhousegreylock
Senior AI Security Engineer
Obsidian Security
LocationManchester, UK
Last observed2026-06-13 05:23:19.488237
Job idgreylock-obsidian-security:greenhouse:5256452008
Obsidian Security is the leading SaaS security platform, trusted by global enterprises like Snowflake, T-Mobile, and Algolia. We protect 200+ organizations across North America, Europe, the Middle East, Southeast Asia, Australia, and New Zealand, including many of the world’s largest Fortune 1000 and Global 2000 companies. Founded in 2017 and backed by top investors like Greylock, Obsidian was built to close a critical gap: securing SaaS apps where business happens—Microsoft 365, Salesforce, and hundreds more. The company does this by offering a complete SaaS security platform to reduce risk, detect and respond to threats, and prevent breaches at the source. Obsidian was built by leaders who redefined endpoint and identity security at CrowdStrike, Okta, Cylance, and Carbon Black. Now, they’re transforming how SaaS is secured. With AI driving rapid SaaS growth and complexity, agentic AI tools gain privileged access to sensitive data through integrations, creating new risks most security tools miss. Obsidian uniquely detects anomalous OAuth token activity and manages integration risks. Major announcements are on the horizon. Recognizing that SaaS security needs to evolve, Obsidian enables growing organizations to start with a lightweight, prevention-focused browser extension and expand coverage over time. With global momentum, a growing partner ecosystem including SentinelOne, Databricks, and Google Cloud, and a major fundraise ahead, Obsidian is scaling rapidly toward long-term growth and IPO readiness. About the Role This is a security-depth role on our Manchester engineering team. We collect rich telemetry from hundreds of SaaS and AI platforms — and we're looking for someone who can look at that data and ask questions no one has asked before. Your core contribution is security insight: understanding how SaaS and AI platforms are built, how they're abused, and how the signals we collect can be used in novel ways to solve real customer security problems. You'll work alongside a team of data engineers, advising on what's worth detecting and building prototype approaches to prove it out. You need to be a competent engineer — comfortable writing SQL, Python, and working with large datasets — not at the level of a dedicated data engineer, but independently capable. Your edge is security knowledge and creative thinking; the data skills are the table stakes that let you exercise it. What you'll do Develop deep expertise in how major SaaS and AI platforms are structured, how they handle identity and access, and where security risk concentrates — then translate that into detection and posture logic for our product. Look across the telemetry we collect and identify novel ways to use it: new signals, new correlations, new approaches to catching misconfigurations or risky behaviour that existing tools miss. Advise the engineering team on what security controls matter and why — acting as the security compass that helps the team prioritise what to build. Prototype new detection approaches in SQL and Python to validate ideas before they're productised. Stay close to the attacker perspective — tracking how threats against SaaS and AI platforms evolve and ensuring our coverage stays ahead of them. Debug security-related issues in customer environments, bringing both data fluency and security judgment to ambiguous problems. What we're looking for Requirements: 4+ years in cybersecurity, with a focus on SaaS platforms, cloud security, identity systems, or application security. A track record of original thinking — you've found things other people missed, whether in research, red teaming, bug bounty, or product security work. Strong understanding of how SaaS platforms (Google Workspace, Microsoft 365, Salesforce, Okta, or similar) work under the hood: API structures, permission models, authentication flows. Solid SQL and Python skills — you won't be the one building the pipelines, but you need to be able to query large datasets, write detection
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.