Security Intelligence Engineer

Grammarly offers a dynamic hybrid working model for this role. This flexible approach gives team members the best of both worlds: plenty of focus time along with in-person collaboration that helps foster trust, innovation, and a strong team culture.

Grammarly is the world’s leading AI writing assistance company trusted by over 40 million people and 50,000 organizations. From instantly creating a first draft to perfecting every message, Grammarly helps people at 96% of the Fortune 500 and teams at companies like Atlassian, Databricks, and Zoom get their point across—and get results—with best-in-class security practices that keep data private and protected. Founded in 2009, Grammarly is No. 14 on the Forbes Cloud 100, one of TIME’s 100 Most Influential Companies, one of Fast Company’s Most Innovative Companies in AI, and one of Inc.’s Best Workplaces.

We're looking for a Security Engineer to join our Security Intelligence Team to achieve our ambitious goals. This role will contribute to our Security Intelligence team as an experienced, hands-on practitioner across offensive security, threat intelligence, threat hunting, and detection engineering. You'll plan, execute, and debrief complex security operations, leveraging those insights to enhance our threat mitigation capabilities and build robust, automated security tooling across all Grammarly environments.

Additionally, you'll own key workstreams in executing and advancing our security vision, translating strategic objectives into tactical implementations through strong technical execution and innovative solution building, with particular emphasis on automation and AI-powered security solutions. You'll conduct research across security domains and automation technologies, identifying opportunities to enhance our capabilities through cutting-edge approaches and intelligent automation. Finally, you'll bring an attacker mindset into Grammarly's engineering and security culture, bridging the gap between offensive operations and defensive capabilities while driving forward our automation-first security approach.

Grammarly’s engineers and researchers have the freedom to innovate and uncover breakthroughs—and, in turn, influence our product roadmap. The complexity of our technical challenges is growing rapidly as we scale our interfaces, algorithms, and infrastructure. You can hear more from our team on our technical blog.

As a Security Engineer, you will:

• Plan, execute, and debrief offensive security operations, translating insights into enhanced defensive capabilities across corporate and production environments
• Build and maintain automated threat detection systems, AI-driven alert triage solutions, and security intelligence pipelines that scale with business growth
• Conduct threat hunting and detection engineering, developing detection-as-code, hunting-as-code, and intelligence-as-code capabilities.
• Research and develop cutting-edge security automation and AI-powered security solutions to deepen and scale our ability to identify threats, including autonomous security agents.
• Operate without traditional scope limitations, following attacker kill chains to uncover security gaps that scoped teams miss.
• Lead complex security investigations, including insider threat scenarios and sophisticated attack campaigns.
• Maintain incident response capabilities and serve as part of the Incident Command on-call schedule.
• Develop and deliver threat intelligence that informs security decisions across all business areas.
• Embed attacker mindset thinking throughout the organization through education and collaboration with engineering teams.
• Develop and own major workstreams like Insider Threat Attack Simulation, Deception Operations, and Automated Threat Intelligence.

• Has 3- 8+ years of relevant experience in security engineering, with expertise across multiple disciplines including offensive security, threat intelligence, threat hunting, or detection engineering.
• Strong automation and development skills in Python, Go, or similar languages, with experience building production security tooling.
• Deep knowledge of AWS cloud security architecture.
• Experience with CI/CD security integration, identity and access management concepts, and security orchestration.
• Background in AI/ML applications for security, including experience with or interest in developing autonomous security systems.
• Proven incident response leadership and complex security investigation experience.
• Research mindset with an ability to identify novel attack vectors and develop creative, pragmatic solutions.
• Thrives in ambiguous environments and can deliver meaningful results at a rapid pace while managing multiple competing priorities.
• Strong intuition for security risk prioritization and ability to translate technical findings into business impact.
• Embodies our EAGER values—is ethical, adaptable, gritty, empathetic, and remarkable.
• Is inspired by our MOVE principles: move fast and learn faster; obsess about creating customer value; value impact over activity; and embrace healthy disagreement rooted in trust.

Grammarly offers all team members competitive pay along with a benefits package encompassing the following and more: 

• Excellent health care (including a wide range of medical, dental, vision, mental health, and fertility benefits)
• Disability and life insurance options
• 401(k) and RRSP matching 
• Paid parental leave
• 20 days of paid time off per year, 12 days of paid holidays per year, two floating holidays per year, and flexible sick time
• Generous stipends (including those for caregiving, pet care, wellness, your home office, and more)
• Annual professional development budget and opportunities

Grammarly takes a market-based approach to compensation, which means base pay may vary depending on your location. Our US locations are categorized into two compensation zones based on proximity to our hub locations.

Base pay may vary considerably depending on job-related knowledge, skills, and experience. The expected salary ranges for this position are outlined below by compensation zone and may be modified in the future.

United States: