Software Engineer II - Platform Anti-Abuse

Klaviyo

Software Engineer II - Platform Anti-Abuse

Reposted An Hour Ago

Easy Apply

Be an Early Applicant

Boston MA USA

Hybrid

116K-174K Annually

Mid level

Consumer Web • eCommerce • Marketing Tech • Retail • Software • Analytics • Generative AI

Best place for ambitious people to learn and grow.

The Role

As a Software Engineer II you will build detection and enforcement systems against fraud and abuse focusing on security and compliance within Klaviyo's platform working with Python and Go.

Summary Generated by Built In

At Klaviyo we value the unique backgrounds experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit klaviyo.com/careers to see how we empower creators to own their own destiny.

Team overview

The Core Infrastructure – Identity & Organizations (Core IO) pillar owns the foundational substrate for identity access organizations and platform integrity at Klaviyo. We manage the critical path of the user journey from login to enforcing permissions to operating within the correct organization and regional context so that the rest of the platform can move fast and stay secure.

Within Core IO the Platform Anti-Abuse (PAA) team defends Klaviyo's customers their recipients and Klaviyo's brand by preventing fraud abuse and violations of our Acceptable Use Policy and Terms of Service across all channels. We build the automated detection systems rules-driven enforcement services and shared platform tooling that keep Klaviyo's platform safe; and we partner closely with Compliance Security and product teams to make "doing the safe thing" the default for every new surface and API.

Why this role is exciting

Fight real adversaries at scale: Abuse patterns evolve constantly;bad actors adapt and so must your systems. You will build detection and enforcement capabilities that respond to emerging fraud patterns across email SMS and other channels combining rules signals and ML to stay one step ahead.
Your work is the platform's safety net: The rules engine and enforcement services your team owns are consumed by messaging campaigns flows and nearly every sending channel at Klaviyo. Improvements you make protect millions of email and SMS recipients and directly affect platform trust and deliverability.
Work at the intersection of rules ML and systems engineering: This role is unusually broad technically. You will build high-throughput Go services Python rules pipelines and integrate ML-based classifiers for content and URL abuse. Few platform roles combine adversarial problem-solving with this range of systems work.
Automate policy enforcement at scale: Manual compliance review doesn't scale. We are building systems that automatically evaluate accounts against our Acceptable Use Policy and trigger the right enforcement actions; reducing human bottlenecks and making enforcement consistent across account types.

What you'll do

As a Software Engineer II on the Platform Anti-Abuse team you will:

Own features end-to-end across design implementation rollout and observability for abuse detection and enforcement capabilities; rules classifiers enforcement pipelines and the platform services that other teams plug into.
Extend abuse enforcement to new product surfaces: Help bring anti-abuse rules and enforcement to product areas where coverage is currently limited ensuring consistent policy application across channels.
Build content and link abuse detection systems: Help design and implement detection capabilities for malicious URLs abusive image content and other content-level signals;combining perceptual hashing ML model integrations and rule-based approaches.
Contribute to AUP automation and enforcement pipelines: Help build and scale the systems that automatically evaluate accounts against our Acceptable Use Policy reducing reliance on manual compliance review.
Improve platform anti-abuse infrastructure: Evolve microservices rules orchestration layer and abuse observability pipelines; making them faster more reliable and easier for the team and compliance stakeholders to operate.
Help define and refine standards for how other teams integrate with PAA's detection and enforcement APIs; so product teams can add abuse coverage to new areas without reinventing detection logic per service.
Collaborate closely with partner teams: Work with Identity & Access Management (IAM) on authentication & authorization signals with Organizations on account lifecycle and policy enforcement and with Security and Compliance on AUP/TOS enforcement patterns.
Improve reliability and observability of anti-abuse services by instrumenting metrics and alerts maintaining abuse impact dashboards and contributing to on-call rotations and incident reviews.

Who you are

You are a mid-level software engineer who has shipped and supported production systems and who is motivated by building defenses against real-world fraud and abuse.

Experienced systems builder: You have 2-5+ years of professional software engineering experience including building and operating backend or full-stack services in production.
Strong fundamentals and debugging skills: You are comfortable reasoning about data models API design concurrency and failure modes and you can dig through logs metrics and traces to identify root causes and implement systemic fixes.
Security and abuse motivated: You are energized by adversarial problem spaces;fraud detection policy enforcement content moderation and want to build systems that anticipate bad actors rather than just react to them.
Platform and signal mindset: You think about detection not just as individual rules but as a system of signals coverage and feedback loops. You like building shared enforcement APIs and detection pipelines that product teams plug into making abuse prevention a reusable capability rather than something each team reimplements.
Ownership and collaboration: You take responsibility for outcomes not just code. You are comfortable driving a project end-to-end coordinating with Compliance and Security stakeholders and communicating trade-offs clearly in design docs and pull requests.
You've already experimented with AI in work or personal projects and you're excited to dive in and learn fast. You're hungry to responsibly explore new AI tools and workflows.

Minimum qualifications

2-5+ years of professional software engineering experience.
Proficiency in at least one of Python or Go and comfort working on backend and/or service-oriented systems including web services or APIs backed by relational databases and/or caches (e.g. MySQL Postgres Redis).
Comfort reasoning about detection classification or enforcement systems;whether rules engines content evaluation or risk signals and the trade-offs between precision recall and system performance.
Exposure to CI/CD pipelines and modern development workflows (code review testing deployments on-call participation or support).

Nice to have

You don't need all of these but experience in any of the following is a bonus:

Experience building detection or classification systems; rules engines content classifiers anomaly detection or fraud/risk scoring and reasoning about signal quality false positive rates and coverage.
Familiarity with ML model integration in production systems: calling model endpoints processing outputs in rules pipelines and monitoring model-driven decisions.
Working with cloud-native infrastructure (AWS Kubernetes Terraform or similar) and building services designed to run at scale.
Exposure to compliance or policy enforcement domains (AUP/TOS enforcement content moderation fraud detection) and how platform decisions in these areas are made and measured.
Familiarity with observability stacks (Grafana Datadog Sentry Splunk) and using them to drive reliability and detection-quality improvements.
Interest or experience in adjacent Core IO domains like Identity & Access Management or Organizations especially where they intersect with account security fraud signals and org lifecycle.

Technologies we use (not exhaustive)

Many of these you'll use on day one; others you'll have opportunities to learn:

Languages & frameworks: Python Django Go.
Infrastructure & platform: AWS Kubernetes Terraform rules engine and enforcement service platform.
Data & observability: MySQL Postgres Redis Kafka/event-driven messaging Grafana Sentry Splunk internal logging and metrics pipelines.

About Klaviyo

Klaviyo is a world-leading marketing automation platform that helps online businesses grow by building direct high-fidelity relationships with their customers over owned channels like email SMS and web. We make it easy for brands to store access analyze and act on their data to power highly targeted communications and long-term customer value.

This is a full-time onsite role based at Klaviyo's headquarters in Boston MA.

Klaviyo is committed to building a diverse and inclusive team and does not tolerate discrimination harassment or retaliation of any kind.

Massachusetts Applicants:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Our salary range reflects the cost of labor across various U.S. geographic markets. The range displayed below reflects the minimum and maximum target salaries for the position across all our US locations. The base salary offered for this position is determined by several factors including the applicant’s job-related skills relevant experience education or training and work location.

In addition to base salary our total compensation package may include participation in the company’s annual cash bonus plan variable compensation (OTE) for sales and customer success roles equity sign-on payments and a comprehensive range of health welfare and wellbeing benefits based on eligibility.

Your recruiter can provide more details about the specific salary/OTE range for your preferred location during the hiring process.

Base Pay Range For US Locations:

$116000—$174000 USD

This role may require up to 10% travel for purposes such as new hire onboarding client or partner work if applicable team meetings and industry events. Travel is coordinated in advance.

Get to Know Klaviyo

We’re Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we’re developing to nurture personalized experiences in ecommerce and beyond. To reach our goals we need our own crew of remarkable creators—ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you’re ready to do the best work of your career where you’ll be welcomed as your whole self from day one and supported with generous benefits we hope you’ll join us.

AI fluency at Klaviyo includes responsible use of AI (including privacy security bias awareness and human-in-the-loop). We provide accommodations as needed.

By participating in Klaviyo’s interview process you acknowledge that you have read understood and will adhere to our Guidelines for using AI in the Klaviyo interview Process. For more information about how we process your personal data see our Job Applicant Privacy Notice.

Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race ethnicity citizenship national origin color religion or religious creed age sex (including pregnancy) gender identity sexual orientation physical or mental disability veteran or active military status marital status criminal record genetics retaliation sexual harassment or any other characteristic protected by applicable law.

IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment bank details or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com) instant messaging platforms or unsolicited calls.

By clicking "Submit Application" you consent to Klaviyo processing your Personal Data in accordance with our Job Applicant Privacy Notice. If you do not wish for Klaviyo to process your Personal Data please do not submit an application. You can find our Job Applicant Privacy Notice here and here (FR).

Skills Required

2-5+ years of professional software engineering experience
Proficiency in at least one of Python or Go
Comfort with backend and service-oriented systems including web services or APIs backed by relational databases
Experience with detection classification or enforcement systems

What the Team is Saying

View all jobs at Klaviyo

View Klaviyo Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

Boston MA

2400 Employees

Year Founded: 2012

What We Do

Klaviyo (NYSE: KVYO) is the B2C CRM. Powered by its built-in data platform and AI Klaviyo combines marketing automation analytics and customer service into one unified solution making it easy for businesses to know their customers and grow faster. Klaviyo (CLAY-vee-oh) helps over 183000 brands like Mattel Glossier Daily Harvest and Liquid Death deliver 1:1 experiences at scale improve efficiency and drive revenue.

Why Work With Us

We refer to our employees as ‘Klaviyos’ and we make up a diverse community united around shared values: We’re curious collaborative driven innovative fun and fully ourselves at work. No matter which team you join your work won’t just impact Klaviyo. It’ll help empower our customers and enable creators across the globe to own their destinies.