Senior Cyber Security Engineer

About the Role

Abnormal AI is looking for a Senior Cyber Security Engineer to help build the next generation of security capabilities at scale. This is a senior IC-level role that blends deep technical security expertise with strong engineering fundamentals. You’ll focus on building integrations between infrastructure and security tooling, automating security workflows, and partnering with cloud and platform engineering teams to harden our cloud environment.

As a technical lead, you will own the architecture and development of systems that enhance both preventative guardrails and detective capabilities while ensuring security is a partner to our stakeholders. You’ll mentor junior engineers, act as a technical liaison across teams, and contribute directly to keeping our platforms and customers secure.

This is a role for engineers who are intellectually curious and motivated to bridge the gap between security principles and engineering execution.

Who you are

• An intellectually curious, solution focused Engineer with a Security mindset.

What you will do 

• Architect, build, and maintain integrations between cloud-native infrastructure and security tooling (e.g., SIEM, SOAR, IAM tooling).
• Collaborate with Platform, Infra, and DevOps teams to build scalable preventative controls via Infrastructure-as-Code (Terraform, CloudFormation).
• Design and deploy automation workflows to correlate signals, enrich alerts, and auto-remediate known failure patterns.
• Lead threat modeling and security design discussions with platform teams by translating risks into engineering actions.
• Serve as a hands-on technical contributor during investigations or incidents by tracing system-level behavior and improving response workflows.
• Mentor and support junior engineers on automation best practices, secure architecture, and tooling integrations.
• Evaluate and uplift security tooling across commercial and cloud-native capabilities by focusing on scale, efficiency, and precision.
• Define and track key posture metrics, building dashboards or reports to visualize security coverage and automation efficacy.
• Monitor adoption and usage metrics to evaluate tool effectiveness and iterate accordingly.
• Stay current with emerging AI platforms, evaluating them for business applicability and integration.

Must Haves 

• Proven delivery in security engineering or infrastructure security roles, ideally in cloud-native environments.
• Hands-on experience with AWS Native tooling (IAM, KMS, Config, Lambda, EKS) and working knowledge of Azure and GCP.
• Strong scripting and dev skills in Python and/or Go; proficiency with Git, Linux, and infrastructure automation patterns.
• Expertise in integrating or building tooling for SIEM, SOAR, vulnerability management, and CSPM platforms.
• Experience deploying security controls via Infrastructure-as-Code (Terraform or CloudFormation).
• Comfortable investigating logs, tracing events, and contributing to incident analysis workflows.
• Proven ability to influence and collaborate cross-functionally with engineering, infra, and IT.
• Strong written communication and documentation skills and being able to convey complex designs clearly.
• Background with using and securing container orchestration (Kubernetes), workload security, or service mesh controls.

Nice to Have 

• Experience working in fast-paced or startup environments with sometimes ambiguous ownership lines.
• Familiarity with JavaScript or TypeScript, particularly in the context of DevOps tooling or plugins.
• Hands-on experience with commercial Cloud Security tools (CNAPP, CSPM, DSPM, KSPM)
• Prior experience building security telemetry pipelines or log correlation frameworks.
• Exposure to compliance frameworks (SOC 2, ISO 27001) and how engineering decisions affect auditability.
• Familiarity with CI/CD systems and integrating security checks into developer workflows.