Staff Software Engineer - Trust Incident Management

Join us to transform the way the world works. 

At LinkedIn, our approach to flexible work is centered on trust and optimized for culture, connection, clarity, and the evolving needs of our business. The work location of this role is hybrid, meaning it will be performed both from home and from a LinkedIn office on select days, as determined by the business needs of the team. 

This role will be hybrid in LinkedIn's Mountain View campus.

LinkedIn is home to the world’s largest professional community, and keeping it safe requires world-class defense. The Trust Incident Management team leads LinkedIn’s response to fraud, abuse, and emerging threats, combining engineering excellence with rapid incident response to protect our members at scale. We build and operate the systems that detect, mitigate, and prevent sophisticated attacks in real time. Our work is fast-paced, technically challenging, and directly impacts the trust and safety of over a billion professionals worldwide. 

What You’ll Work On 

• Adversarial engineering at scale. Bad actors evolve daily. You’ll design and ship defenses that stay ahead of sophisticated, coordinated attacks targeting a billion-member platform. 

• High-signal, high-stakes detection. Build systems that separate real threats from noise in real time, with immediate impact on member safety. 

• Novel abuse patterns. From credential theft to coordinated inauthentic behavior, you’ll tackle problems that don’t have playbooks yet. 

• Cross-functional collaboration. Work alongside data scientists, investigators, and platform engineers to dismantle threat actor operations end-to-end. 

Responsibilities 

• Orchestrate the response to large-scale, sophisticated attacks, defining investigation directions, coordinating workstreams across teams, and holding the broader team accountable for timely resolution. 

• Design and build scalable detection and mitigation systems that operate 24x7, improving techniques that surface new or unknown threats with reliable precision, recall, and speed. Deliver production-quality code that is well-tested, peer-reviewed, and continuously integrated. 

• Create and champion analytical research approaches, threat modeling workflows, and automation that can be adopted across teams to strengthen defense posture. 

• Drive cross-team consensus on defense trade-offs, using data to navigate competing concerns such as product growth impact, false positive rates, and defense coverage gaps, across engineering, data science, policy, and legal stakeholders. Balance immediate incident response with long-term defense strategy, accounting for how mitigation decisions affect attacker behavior over time. 

• Serve as incident commander for complex attacks, maintaining investigation quality under pressure and creating efficiencies in intake, escalation, and risk communication. 

• Provide technical leadership and mentorship, guiding the team on technology choices, process decisions, and engineering best practices while fostering a culture of continuous improvement.