Abnormal AI is seeking a Staff Security Engineer for an individual contributor role to lead the development of our next-generation security capabilities at scale. You will be responsible for driving the strategy and implementation of integrations between infrastructure and security tooling, pioneering security automation workflows, and strategically partnering with platform engineering teams to harden our platforms.
What You'll Do
- Lead and drive threat modeling and security design discussions with platform teams, translating complex risks into strategic engineering actions and architectural decisions.
- Collaborate extensively with platform, infrastructure, and development teams to architect and deploy scalable preventative controls via Infrastructure as Code.
- Evaluate, uplift, and strategically integrate security tooling across commercial and cloud-native capabilities.
- Mentor and provide technical leadership to junior and senior engineers on automation best practices, secure architecture, and complex tooling integrations.
- Design, deploy, and optimize advanced automation workflows to correlate diverse signals, enrich alerts, and auto-remediate complex known failure patterns.
- Architect, build, and maintain critical integrations between cloud infrastructure and security tooling.
- Serve as a hands-on technical contributor and lead during critical security incidents, tracing complex system behavior and enhancing response processes and playbooks.
- Stay current with emerging AI platforms and advanced security technologies, evaluating them for strategic business applicability and integration opportunities.
What We're Looking For
- Proven track record of delivering significant impact in security engineering or infrastructure security roles, ideally in large-scale cloud environments.
- Expert-level hands-on experience with AWS tooling (IAM, KMS, Config, Lambda, EKS) and strong working knowledge of the equivalents in Azure and GCP.
- Exceptional scripting and development skills in Python and/or Go; deep proficiency with Git, Linux, and advanced infrastructure automation patterns.
- Expertise in efficient use of AI and LLMs to deliver.
- Expertise in architecting, integrating, or building tooling for security visibility and protection (SIEM, SOAR, vulnerability management, and CSPM platforms).
- Extensive experience deploying and managing preventative security controls via Infrastructure as Code (Terraform or CloudFormation) for complex systems.
- Passion for digging into complex logs, tracing distributed events, and leading incident analysis workflows.
- Proven ability to influence, lead, and collaborate cross-functionally with engineering, infra, and IT at a senior level.
- Exceptional written communication and documentation skills, capable of conveying complex designs and strategies to educate and influence diverse audiences.
- Deep background in using and securing container orchestration (Kubernetes), including advanced workload security and service mesh controls.
Nice to Have
- Experience working in fast-paced or startup environments and navigating ambiguous ownership lines, demonstrating proactive leadership and a team mentality.
- Familiarity with JavaScript or TypeScript, particularly from an application security perspective.
- Hands-on experience with commercial Cloud Security tools (CNAPP, CSPM, DSPM, KSPM) and using them to derive value and minimize toil.
- Strategic partnership with cloud infrastructure teams to implement and maintain advanced security controls across multi-cloud services.
- Prior experience building security telemetry pipelines or log correlation frameworks for large-scale data.
- Exposure to compliance frameworks (SOC 2, ISO 27001, FedRAMP) and a deep understanding of how engineering decisions affect auditability.
- Familiarity with CI/CD systems and integrating advanced security checks into developer workflows.
Technical Stack
- Cloud: AWS (IAM, KMS, Config, Lambda, EKS), Azure, GCP
- Languages: Python, Go, JavaScript, TypeScript
- Infrastructure: Terraform, CloudFormation, Git, Linux, Kubernetes
- Security Tools: SIEM, SOAR, CSPM, CNAPP, DSPM, KSPM
Team & Environment
This is an individual contributor role working horizontally across the security organization and stakeholder teams.
Benefits & Compensation
- Compensation: $195,500—$230,000 USD + equity in the form of Restricted Stock Units (RSUs).
Work Mode
This position is fully remote and open to candidates located within the United States.
Abnormal AI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law.


