Senior Software Engineer

Summary

Join Abnormal Security as an Application Security Platform SWE and become a key member of the Platform & Infrastructure Foundation team. You will architect and develop standardized services and components to enforce security and privacy. Collaborate with engineering teams to implement best practices, build tools, and ensure systems are secure and audited. Responsibilities include owning platform security services, designing secure frameworks, integrating with external applications, and managing customer data access. You will contribute to the engineering roadmap and vendor selection. This role requires strong software engineering skills, 5+ years of experience, and expertise in security and cloud technologies.

Requirements

• Solid software engineering skills
• 5+ years of experience as a Software Engineer
• Proven track record of leading projects and delivering high quality software
• Experienced with system design and infrastructure
• Being able to articulate pros and cons of certain design choices
• Experienced with Cloud (AWS, Azure, GCP) applications
• Experienced with Authentication & Authorization problem space, best practices, and the related technologies (OAuth, SSO, mTLS, JWT, SPIFFE/SPIRE, Istio, Envoy, Dapr)
• Practical Security First mindset
• Understanding of Personal Identifiable Information (PII) and best practices to protect PII data
• Ability to differentiate must-have versus nice-to-have Security & Privacy requirements
• Being able to balance Security requirements against engineering productivity and infrastructural cost

Responsibilities

• Own and lead the Platform Security services and components for Abnormal microservices such as Zero-Trust networking, Secure Service to Service communications, Secret Service & Management system, Certificate Authority design and development, etc…
• Design and develop secure and scalable frameworks and toolings to integrate Abnormal ecosystem with external applications such as Salesforce, Slack, Github, Zoom, etc… to enable Security by design
• Integrate Platform and Infrastructure components with Security Operational analytics and auditing tooling such as Okta, Dazz, Splunk, SIEM
• Own and lead the execution of customer sensitive data access, verifications, and control policies
• Collaborate closely with Cloud Infrastructure and CISO org to review and select the appropriate technologies for Secure Service to Service Communication
• Utilize prior industry experience to influence Platform Security and the overall Platform & Infrastructure engineering roadmap
• Reconcile Platform and Security requirements to build a secure platform while enabling multiple engineering teams to deliver high quality software at high velocity
• Contribute to vendor review and selection for related software purchases in key problem areas

Preferred Qualifications

• Knowledge of cryptographic or encryption algorithms (symmetric vs asymmetric) and their applications is a plus
• Experienced with compliance regulations such as ISO, GDPR, FedRamp