Senior Cyber Security Engineer

Abnormal Security
Summary
Join Abnormal AI as a Senior Cyber Security Engineer to build next-generation security capabilities. This senior individual contributor role blends technical security expertise with strong engineering fundamentals. You will build integrations between infrastructure and security tooling, automate security workflows, and partner with engineering teams to enhance our cloud environment's security. As a technical lead, you will own the architecture and development of systems that improve preventative and detective capabilities. You will mentor junior engineers, act as a technical liaison, and contribute to platform and customer security. This role is for intellectually curious engineers who can bridge security principles and engineering execution. The position offers a competitive salary and benefits package.
Requirements
- Proven delivery in security engineering or infrastructure security roles, ideally in cloud-native environments
- Hands-on experience with AWS-native tooling (IAM, KMS, Config, Lambda, EKS) and working knowledge of Azure and GCP
- Strong scripting and dev skills in Python and/or Go; proficiency with Git, Linux, and infrastructure automation patterns
- Expertise in integrating or building tooling for SIEM, SOAR, vulnerability management, and CSPM platforms
- Experience deploying security controls via Infrastructure-as-Code (Terraform or CloudFormation)
- Comfortable investigating logs, tracing events, and contributing to incident analysis workflows
- Proven ability to influence and collaborate cross-functionally with engineering, infra, and IT
- Strong written communication and documentation skills, with the ability to convey complex designs clearly
- Background in using and securing container orchestration (Kubernetes), workload security, or service mesh controls
Responsibilities
- Architect, build, and maintain integrations between cloud-native infrastructure and security tooling (e.g., SIEM, SOAR, IAM tooling)
- Collaborate with Platform, Infra, and DevOps teams to build scalable preventative controls via Infrastructure-as-Code (Terraform, CloudFormation)
- Design and deploy automation workflows to correlate signals, enrich alerts, and auto-remediate known failure patterns
- Lead threat modeling and security design discussions with platform teams by translating risks into engineering actions
- Serve as a hands-on technical contributor during investigations or incidents by tracing system-level behavior and improving response workflows
- Mentor and support junior engineers on automation best practices, secure architecture, and tooling integrations
- Evaluate and uplift security tooling across commercial and cloud-native capabilities by focusing on scale, efficiency, and precision
- Define and track key posture metrics, building dashboards or reports to visualize security coverage and automation efficacy
- Monitor adoption and usage metrics to evaluate tool effectiveness and iterate accordingly
- Stay current with emerging AI platforms, evaluating them for business applicability and integration
Preferred Qualifications
- Experience working in fast-paced or startup environments with sometimes ambiguous ownership lines
- Familiarity with JavaScript or TypeScript, particularly in the context of DevOps tooling or plugins
- Hands-on experience with commercial Cloud Security tools (CNAPP, CSPM, DSPM, KSPM)
- Prior experience building security telemetry pipelines or log correlation frameworks
- Exposure to compliance frameworks (SOC 2, ISO 27001) and how engineering decisions affect auditability
- Familiarity with CI/CD systems and integrating security checks into developer workflows
Benefits
- Bonus
- Restricted stock units (RSUs)
- Benefits