T&S Pro Voices is back. Meet our second featured professional 👉
Klaviyo logo

Software Engineer II - Platform Anti-Abuse

Klaviyo
3 hours ago
Full-time
On-site
Boston, Massachusetts, United States
$116,000 - $174,000 USD yearly
Engineer

At Klaviyo, we value the unique backgrounds, experiences and perspectives each Klaviyo (we call ourselves Klaviyos) brings to our workplace each and every day. We believe everyone deserves a fair shot at success and appreciate the experiences each person brings beyond the traditional job requirements. If you’re a close but not exact match with the description, we hope you’ll still consider applying. Want to learn more about life at Klaviyo? Visit klaviyo.com/careers to see how we empower creators to own their own destiny.

Team overview

The Core Infrastructure – Identity & Organizations (Core IO) pillar owns the foundational substrate for identity, access, organizations, and platform integrity at Klaviyo. We manage the critical path of the user journey from login, to enforcing permissions, to operating within the correct organization and regional context so that the rest of the platform can move fast and stay secure.

Within Core IO, the Platform Anti-Abuse (PAA) team defends Klaviyo's customers, their recipients, and Klaviyo's brand by preventing fraud, abuse, and violations of our Acceptable Use Policy and Terms of Service across all channels. We build the automated detection systems, rules-driven enforcement services, and shared platform tooling that keep Klaviyo's platform safe; and we partner closely with Compliance, Security, and product teams to make "doing the safe thing" the default for every new surface and API.

Why this role is exciting

  • Fight real adversaries at scale: Abuse patterns evolve constantly;bad actors adapt, and so must your systems. You will build detection and enforcement capabilities that respond to emerging fraud patterns across email, SMS, and other channels, combining rules, signals, and ML to stay one step ahead.
  • Your work is the platform's safety net: The rules engine and enforcement services your team owns are consumed by messaging, campaigns, flows, and nearly every sending channel at Klaviyo. Improvements you make protect millions of email and SMS recipients and directly affect platform trust and deliverability.
  • Work at the intersection of rules, ML, and systems engineering: This role is unusually broad technically. You will build high-throughput Go services, Python rules pipelines, and integrate ML-based classifiers for content and URL abuse. Few platform roles combine adversarial problem-solving with this range of systems work.
  • Automate policy enforcement at scale: Manual compliance review doesn't scale. We are building systems that automatically evaluate accounts against our Acceptable Use Policy and trigger the right enforcement actions; reducing human bottlenecks and making enforcement consistent across account types.

What you'll do

As a Software Engineer II on the Platform Anti-Abuse team, you will:

  • Own features end-to-end across design, implementation, rollout, and observability for abuse detection and enforcement capabilities; rules, classifiers, enforcement pipelines, and the platform services that other teams plug into.
  • Extend abuse enforcement to new product surfaces: Help bring anti-abuse rules and enforcement to product areas where coverage is currently limited, ensuring consistent policy application across channels.
  • Build content and link abuse detection systems: Help design and implement detection capabilities for malicious URLs, abusive image content, and other content-level signals;combining perceptual hashing, ML model integrations, and rule-based approaches.
  • Contribute to AUP automation and enforcement pipelines: Help build and scale the systems that automatically evaluate accounts against our Acceptable Use Policy, reducing reliance on manual compliance review.
  • Improve platform anti-abuse infrastructure: Evolve microservices, rules orchestration layer, and abuse observability pipelines; making them faster, more reliable, and easier for the team and compliance stakeholders to operate.
  • Help define and refine standards for how other teams integrate with PAA's detection and enforcement APIs; so product teams can add abuse coverage to new areas without reinventing detection logic per service.
  • Collaborate closely with partner teams: Work with Identity & Access Management (IAM) on authentication & authorization signals, with Organizations on account lifecycle and policy enforcement, and with Security and Compliance on AUP/TOS enforcement patterns.
  • Improve reliability and observability of anti-abuse services by instrumenting metrics and alerts, maintaining abuse impact dashboards, and contributing to on-call rotations and incident reviews.

Who you are

You are a mid-level software engineer who has shipped and supported production systems, and who is motivated by building defenses against real-world fraud and abuse.

 

  • Experienced systems builder: You have 2-5+ years of professional software engineering experience, including building and operating backend or full-stack services in production.
  • Strong fundamentals and debugging skills: You are comfortable reasoning about data models, API design, concurrency, and failure modes, and you can dig through logs, metrics, and traces to identify root causes and implement systemic fixes.
  • Security and abuse motivated: You are energized by adversarial problem spaces;fraud detection, policy enforcement, content moderation and want to build systems that anticipate bad actors rather than just react to them.
  • Platform and signal mindset: You think about detection not just as individual rules but as a system of signals, coverage, and feedback loops. You like building shared enforcement APIs and detection pipelines that product teams plug into making abuse prevention a reusable capability rather than something each team reimplements.
  • Ownership and collaboration: You take responsibility for outcomes, not just code. You are comfortable driving a project end-to-end, coordinating with Compliance and Security stakeholders, and communicating trade-offs clearly in design docs and pull requests.
  • You've already experimented with AI in work or personal projects, and you're excited to dive in and learn fast. You're hungry to responsibly explore new AI tools and workflows.

Minimum qualifications

  • 2-5+ years of professional software engineering experience.
  • Proficiency in at least one of Python or Go, and comfort working on backend and/or service-oriented systems, including web services or APIs backed by relational databases and/or caches (e.g., MySQL, Postgres, Redis).
  • Comfort reasoning about detection, classification, or enforcement systems;whether rules engines, content evaluation, or risk signals and the trade-offs between precision, recall, and system performance.
  • Exposure to CI/CD pipelines and modern development workflows (code review, testing, deployments, on-call participation or support).

Nice to have

You don't need all of these, but experience in any of the following is a bonus:

 

  • Experience building detection or classification systems; rules engines, content classifiers, anomaly detection, or fraud/risk scoring and reasoning about signal quality, false positive rates, and coverage.
  • Familiarity with ML model integration in production systems: calling model endpoints, processing outputs in rules pipelines, and monitoring model-driven decisions.
  • Working with cloud-native infrastructure (AWS, Kubernetes, Terraform, or similar) and building services designed to run at scale.
  • Exposure to compliance or policy enforcement domains (AUP/TOS enforcement, content moderation, fraud detection) and how platform decisions in these areas are made and measured.
  • Familiarity with observability stacks (Grafana, Datadog, Sentry, Splunk) and using them to drive reliability and detection-quality improvements.
  • Interest or experience in adjacent Core IO domains like Identity & Access Management or Organizations, especially where they intersect with account security, fraud signals, and org lifecycle.

Technologies we use (not exhaustive)

Many of these you'll use on day one; others you'll have opportunities to learn:

 

  • Languages & frameworks: Python, Django, Go.
  • Infrastructure & platform: AWS, Kubernetes, Terraform, rules engine and enforcement service platform.
  • Data & observability: MySQL, Postgres, Redis, Kafka/event-driven messaging, Grafana, Sentry, Splunk, internal logging and metrics pipelines.

About Klaviyo

Klaviyo is a world-leading marketing automation platform that helps online businesses grow by building direct, high-fidelity relationships with their customers over owned channels like email, SMS, and web. We make it easy for brands to store, access, analyze, and act on their data to power highly targeted communications and long-term customer value.

This is a full-time, onsite role based at Klaviyo's headquarters in Boston, MA.

Klaviyo is committed to building a diverse and inclusive team and does not tolerate discrimination, harassment, or retaliation of any kind.

Massachusetts Applicants:
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Our salary range reflects the cost of labor across various U.S. geographic markets. The range displayed below reflects the minimum and maximum target salaries for the position across all our US locations. The base salary offered for this position is determined by several factors, including the applicant’s job-related skills, relevant experience, education or training, and work location.

In addition to base salary, our total compensation package may include participation in the company’s annual cash bonus plan, variable compensation (OTE) for sales and customer success roles, equity, sign-on payments, and a comprehensive range of health, welfare, and wellbeing benefits based on eligibility. 

Your recruiter can provide more details about the specific salary/OTE range for your preferred location during the hiring process.

Base Pay Range For US Locations:
$116,000—$174,000 USD

This role may require up to 10% travel for purposes such as new hire onboarding, client or partner work if applicable, team meetings, and industry events. Travel is coordinated in advance.

Get to Know Klaviyo

We’re Klaviyo (pronounced clay-vee-oh). We empower creators to own their destiny by making first-party data accessible and actionable like never before. We see limitless potential for the technology we’re developing to nurture personalized experiences in ecommerce and beyond. To reach our goals, we need our own crew of remarkable creators—ambitious and collaborative teammates who stay focused on our north star: delighting our customers. If you’re ready to do the best work of your career, where you’ll be welcomed as your whole self from day one and supported with generous benefits, we hope you’ll join us.

AI fluency at Klaviyo includes responsible use of AI (including privacy, security, bias awareness, and human-in-the-loop). We provide accommodations as needed. 

By participating in Klaviyo’s interview process, you acknowledge that you have read, understood, and will adhere to our Guidelines for using AI in the Klaviyo interview Process. For more information about how we process your personal data, see our Job Applicant Privacy Notice.

Klaviyo is committed to a policy of equal opportunity and non-discrimination. We do not discriminate on the basis of race, ethnicity, citizenship, national origin, color, religion or religious creed, age, sex (including pregnancy), gender identity, sexual orientation, physical or mental disability, veteran or active military status, marital status, criminal record, genetics, retaliation, sexual harassment or any other characteristic protected by applicable law.

IMPORTANT NOTICE: Our company takes the security and privacy of job applicants very seriously. We will never ask for payment, bank details, or personal financial information as part of the application process. All our legitimate job postings can be found on our official career site. Please be cautious of job offers that come from non-company email addresses (@klaviyo.com), instant messaging platforms, or unsolicited calls.
 
By clicking "Submit Application" you consent to Klaviyo processing your Personal Data in accordance with our Job Applicant Privacy Notice.  If you do not wish for Klaviyo to process your Personal Data, please do not submit an application.  You can find our Job Applicant Privacy Notice here and here (FR).
Â