Lead Software Engineer II - Platform Anti-Abuse

Lead Software Engineer II - Platform Anti-Abuse

About this team

Klaviyo takes the security of our customers and the prevention of fraud and abuse stemming from the use of our platform as one of our utmost priorities. With our global reach comes no shortage of risk. By working alongside a team of talented Engineers, Data Scientists, and Security Specialists in the space of Abuse Detection and Prevention, you'll play a key role in ensuring that our platform maintains a strong security posture and prevents abuse before it impacts the unsuspecting citizens of the world.

The Platform Anti-Abuse team provides reusable platform services that allow product and feature teams to tap into the very best of what's available to make sure that if their functionality could be used to compromise the safety of our customers or their customers, they'll know about it and can shut it down before threat actors and attackers have a chance to do harm. This involves a mix of going hands-on with our existing stack alongside greenfield development, and requires an inquisitive and determined mind to help keep us one step ahead of those who would sign up to use our platform to phish, smish, and otherwise mislead compromised targets into giving up valuable information and endanger their livelihoods.

Members of this team work across our entire R&D department and alongside many of our Security teams in a relentless pursuit of ensuring that our platform stays secure, our customers stay confident in Klaviyo, and their customers stay safe in all of their transactions.

How you'll make a difference

• Partner with Engineers and PMs across R&D to build services and tools to automate the prevention of fraud and abuse inside our platform.
• Partner with Data Scientists to bring new Machine Learning models to life to assist with automated abuse-prevention workflows.
• Partner with our internal Risk, Security, and Compliance teams to make use of their expertise alongside your own to ensure the safety of our platform and our customers.
• Define strategies for leveraging existing detection and prevention systems alongside influencing and building net-new tools and services to combat malicious actors.
• Work across all of Klaviyo to not just ship code, but fully integrate solutions into our existing UX and product workflows throughout the entirety of the customer journey - from signup to account closure and everything in between.

Who you are

• A highly experienced software engineer with over 10 years of practice with the art of writing and delivering high quality software, including stand alone platform-available services alongside reusable tools and scripts.
• Deeply familiar with means of detecting, stymieing, and preventing fraudulent and malicious users from engaging in data exfiltration, list spamming, and other harmful techniques.
• Deeply familiar with modern practices, tools, and third party services which service the space of detecting and preventing abuse within SaaS platforms.
• Extensive experience with preventing fraud and abuse within the domains of Email, SMS, and other communication channels with a focus on reputation management at scale.
• Experienced with working across multiple stakeholders across various functions in large scale, high priority projects where strong coordination and timely communication are valued at a premium.
• Experienced with API design (REST / GRPC) and management.
• Familiar with ML Modelling and working with Data Scientists to design, create, tune, and productionalize real-world models to detect and assist with prevention of abusive or malicious content.
• Familiar with design principles and best practices involving Event Based Architecture.
• Comfortable leveraging existing systems alongside building new solutions to deliver on your mission to keep our platform from being used for harm.
• Capable of developing and delivering short and long term roadmaps while partnering with product managers and security specialists.
• Python, Django, and Go.
• K8s.
• MySQL and Snowflake.
• Terraform.
• Grafana and Splunk.

Nice to have

• Experience with service hardening techniques such as Penetration and Vulnerability testing.
• Experience with secure software architecture patterns.
• Experience writing and tuning high performance SQL queries over large datasets.
• Experience with OCR and Image Recognition technologies and algorithms.
• Experience with User Behavior Modeling and Anomaly Detection.
• Experience generating / using deep learning embeddings, such as those based on text.
• Experience working with OpenCTI and similar systems.