Staff Security Engineer

Abnormal AI is looking for a Staff Security Engineer to lead the development of the next evolution of our security capabilities at scale. This is a staff level, individual contributor role that demands deep technical security expertise, architectural leadership, and strong engineering fundamentals to work horizontally across our security organization and our stakeholder teams. You'll be responsible for driving the strategy and implementation of integrations between infrastructure and security tooling, pioneering security automation workflows, and strategically partnering with platform engineering teams to significantly harden our platforms.  You will have access to AI and LLM with modern development copilots to help ideate, pressure test, and increase agility and efficiency.

As a technical leader, you will own the architecture, development, and long-term vision of systems that enhance both preventative guardrails and detective capabilities, ensuring security is a foundational partner to our stakeholders. You'll mentor senior engineers, act as a principal technical liaison across multiple teams, and make critical contributions to keeping our platforms and customers secure.

This is a role for engineers who are intellectually curious, possess a strong bias for action, and are motivated to bridge the gap between advanced security principles and engineering execution at an organizational level.

• A technologist that understands how to make the most of AI an LLM to influence and deliver.
• An intellectually curious, solution focused engineer with a security mindset who thrives in fast paced, complex environments.
• A technical leader who can architect and drive scalable security solutions while maintaining engineering velocity across multiple initiatives.
• Someone who thinks like an attacker but builds like a defender, possessing a deep understanding of both offensive and defensive security principles at an enterprise level.
• A highly collaborative engineer who can translate complex security requirements into actionable engineering tasks and influence cross-functional roadmaps.
• A mentor who enjoys teaching advanced security best practices and automation techniques to both junior and senior engineers.

• Lead and drive threat modeling and security design discussions with platform teams, translating complex risks into strategic engineering actions and architectural decisions.
• Collaborate extensively with platform, infrastructure, and development teams to architect and deploy scalable preventative controls via Infrastructure as Code (primarily Terraform, with CloudFormation experience welcome).
• Evaluate, uplift, and strategically integrate security tooling across commercial and cloud native capabilities, with a focus on scale, efficiency, and precision across the organization.
• Mentor and provide technical leadership to junior and senior engineers on automation best practices, secure architecture, and complex tooling integrations.
• Design, deploy, and optimize advanced automation workflows to correlate diverse signals, enrich alerts, and auto-remediate complex known failure patterns.
• Architect, build, and maintain critical integrations between cloud infrastructure and security tooling (e.g. CSPM, SOAR, JIT/PAM, Cloud and Kubernetes IAM ), utilizing industry best practices and real world experiences. 
• Serve as a hands on technical contributor and lead during critical security incidents, tracing complex system behavior and enhancing response processes and playbooks.
• Stay current with emerging AI platforms and advanced security technologies, evaluating them for strategic business applicability and integration opportunities.

• Proven track record of delivering significant impact in security engineering or infrastructure security roles, ideally in large scale cloud environments.
• Expert level hands on experience with AWS tooling (IAM, KMS, Config, Lambda, EKS) and strong working knowledge of the equivalents in Azure and GCP.
• Exceptional scripting and development skills in Python and/or Go; deep proficiency with Git, Linux, and advanced infrastructure automation patterns.
• Expertise in efficient use of AI and LLMs to deliver.
• Expertise in architecting, integrating, or building tooling for security visibility and protection. (SIEM, SOAR, vulnerability management, and CSPM platforms).
• Extensive experience deploying and managing preventative security controls via Infrastructure as Code (Terraform or CloudFormation) for complex systems.
• Passion for digging into complex logs, tracing distributed events, and leading incident analysis workflows.
• Proven ability to influence, lead, and collaborate cross functionally with engineering, infra, and IT at a senior level.
• Exceptional written communication and documentation skills, capable of conveying complex designs and strategies to educate and influence diverse audiences.
• Deep background with using and securing container orchestration (Kubernetes), including advanced workload security and service mesh controls.

• Experience working in fast paced or startup environments and navigating ambiguous ownership lines, demonstrating proactive leadership and a team mentality.
• Familiarity with JavaScript or TypeScript, particularly from an application security perspective. .
• Hands-on experience with commercial Cloud Security tools (CNAPP, CSPM, DSPM, KSPM) and using them to derive value and minimize toil.
• Strategic partnership with cloud infrastructure teams to implement and maintain advanced security controls across multi cloud services.
• Prior experience building security telemetry pipelines or log correlation frameworks for large scale data.
• Exposure to compliance frameworks (SOC 2, ISO 27001, Frameworks FedRAMP) and a deep understanding of how engineering decisions affect auditability.
• Familiarity with CI/CD systems and integrating advanced security checks into developer workflows.

#LI-AJ1