Staff Data Scientist

Our Data Science team owns the machine learning backbone of Sift's fraud platform—a system that learns from 1T+ events annually across our network of 700+ global customers. You'll work alongside ML engineers, platform teams, and customer success leads who obsess over reducing false positives while catching sophisticated fraud patterns at scale.

We're looking for a specialist who combines exceptional statistical rigor with deep fraud and information security domain expertise. You understand account takeover tactics, payment fraud vectors, identity manipulation, and network abuse patterns—not from reading threat reports, but from having modeled them in production. You'll be the go-to expert for diagnosing why models fail, architecting solutions across multiple modeling paradigms, and building processes that prevent data science from becoming a bottleneck. Your domain knowledge becomes a force multiplier: you'll spot feature opportunities others miss, anticipate how adversaries will probe your models, and translate customer fraud signals into modeling advantage.

Success looks like: Models that outperform baseline by measurable margins because you engineered features informed by years of fraud pattern understanding. Production systems that don't degrade and don't leak money to evolving fraud schemes. Teams that trust your framework recommendations because you've debugged production failures in real fraud contexts. A research program that uncovers untapped signal in our customer data while staying ahead of attacker sophistication.

• Architect and own advanced modeling strategies across fraud and abuse problem domains (payment fraud, account takeover, identity spoofing, account abuse, content manipulation, credential stuffing). Your deep understanding of attacker tactics, exploit chains, and evasion strategies informs which signals matter and which are noise. You'll drive framework selection—deciding when gradient boosting on velocity features suffices, when graph neural networks unlock network effects competitors miss, when deep learning on sequence data catches adaptive fraud patterns—and hold yourself accountable for production outcomes. You'll work backward from business metrics (customer adoption, chargeback reduction, operational lift) to model objectives informed by threat models.

• Establish and defend model quality standards that account for adversarial dynamics. You'll develop diagnostic frameworks to decompose model performance by fraud type, attacker sophistication level, geography, and temporal patterns. You'll own the post-launch monitoring process, identify when degradation signals retrain vs. architecture change vs. active evasion by fraud rings. You'll design sampling strategies that catch emerging fraud patterns before they scale. Your infosec intuition becomes your quality moat: you'll spot when performance drops aren't random—they're a signal that attackers have found a new exploit path.

• Lead statistical innovation on our highest-leverage fraud problems. You'll explore novel feature representations drawn from your understanding of fraud mechanics (network propagation of compromised accounts, timing signatures of automated attacks, behavioral deviation from account history). You'll run rigorous experiments to validate whether a suspected fraud pattern is exploitable or a false lead. You'll publish findings internally (and externally where disclosable), and mentor junior data scientists on the difference between statistical significance and security-relevant signal magnitude.

• Partner with ML engineering and information security on adversarial robustness. You'll co-design models that don't just maximize accuracy—they resist manipulation. You'll pressure-test feature importance against known evasion tactics. You'll own the handoff from research to serving, ensuring what ships hasn't leaked assumptions about attacker behavior. Your infosec depth means you're fluent in threat modeling conversations with security teams, not learning it on the job.

• Build automated workflows that scale human expertise while respecting fraud complexity. You'll leverage AI-assisted tools (LLMs, AutoML frameworks) to accelerate experimentation while maintaining verification checkpoints informed by your domain knowledge. You'll document which automation patterns you trust (feature engineering exploration) and which require human oversight (fraud strategy pivots that might break assumptions in your features). You'll become the SME on where humans and AI each belong in fraud modeling pipelines.

• Deep, hands-on knowledge of fraud and information security patterns. You've modeled payment fraud, account takeover, identity abuse, or network attacks in production. You understand attacker incentives, exploit chains, evasion tactics, and how fraud patterns evolve in response to defenses. You can explain the difference between a velocity signal that's correlated with fraud and one that's causal—and why attackers can't simply game it. You're not learning fraud from blog posts; you're bringing operational context from having debugged production systems under attack.

• 5+ years of hands-on modeling experience with production accountability. You've shipped models to millions of users, owned their performance in production, and made decisions based on what's broken and why—not just benchmark scores. Bonus: some of that experience comes from adversarial or security-adjacent domains.

• Deep expertise in multiple modeling paradigms: Tree-based methods (XGBoost, LightGBM with parameter mastery), deep learning architectures (CNNs, RNNs, transformers for sequential/graph data), and graph-based methods (GNNs, message passing, network propagation). You know when each is overfit versus underspecified. You've chosen frameworks based on problem structure, not trend.

• Advanced degree in Statistics, Data Science, Machine Learning, or equivalent (MS or PhD in quantitative field, or 8+ years of demonstrable statistical modeling depth in production fraud/security contexts). You should reason naturally about confidence intervals, bias-variance tradeoffs, and statistical significance—not just memorize formulas. We care more about statistical intuition + proven execution than pedigree.

• Lean, deep statistical intuition informed by domain reality. You can explain why a fraud model is failing through first principles (feature leakage from attacker behavior that changed, distribution shift from geography expansion, optimization pathology from class imbalance). You spot when a metric is gaming the objective. You know the difference between a model that's broken and one that's working correctly but facing a new fraud strategy.

• Proven ability to partner with AI-assisted automation tools. You use LLMs, AutoML, and other AI systems to move faster—especially for feature engineering exploration and pattern discovery—but you verify their outputs and know where they hallucinate or oversimplify. You're building intellectual scaffolding, not outsourcing judgment. Fraud modeling can't be delegated to automation; you're the gate.

• Comfort working in ambiguity and adversarial contexts. You don't wait for perfect specs—you clarify what "reducing fraud leakage" means for a specific customer, run a small experiment, present findings with uncertainty bands, and iterate. You're comfortable saying "attackers might exploit this assumption" or "we need more data on this vector." You're comfortable saying "this is a business decision about fraud tolerance, not a modeling decision."

• Introduction interview with the recruiter (45 minutes) – Learn about your background, motivation, and domain journey. Where did fraud/infosec experience come from?

• Hiring Manager interview (45 minutes) – Deep dive into your approach to model design, production failure diagnosis, and threat model thinking. Discuss a time a production model failed and how you debugged it in the context of evolving attacker tactics.

• Virtual onsite loop with the team (4 hours):

  • Technical problem-solving session with data scientists – You'll diagnose a model failure scenario with adversarial context. Why did precision drop after three months? Is it data drift, attacker adaptation, or model assumption leakage?

  • Fraud domain + architecture conversation with ML engineers and fraud specialists – Design a modeling strategy for a new fraud vector. How do you choose between tree-based, deep learning, and graph approaches? What's your threat model?

  • Customer impact + threat modeling conversation with product/success leads – How do you translate customer fraud signals into features? How do you stay ahead of attacker sophistication?

  • Leadership discussion with hiring manager – Mentorship philosophy, standards-setting, and how you'd elevate the team's threat modeling rigor.

Let’s build it together:

At Sift, we are intentionally building a diverse, equitable, and inclusive workplace. We believe that diversity drives innovation, equity is a fundamental right, and inclusion is a basic human need. We envision a place where all Sifties feel secure sharing their authentic selves and diverse experiences with their teams, their customers, and their community – ultimately using this empowerment and authenticity to build trust and create a safer Internet.

This document provides transparency around how Sift handles the personal data of job applicants: https://sift.com/recruitment-privacy
A little about us:
Sift is the AI-powered fraud platform securing digital trust for leading global businesses. Our deep investments in machine learning and user identity, a data network scoring 1 trillion events per year, and a commitment to long-term customer success empower more than 700 customers to grow fearlessly. Global brands rely on Sift to unlock growth and deliver seamless consumer experiences. Visit us at sift.com and follow us on LinkedIn.