Senior Security Engineer, FedRAMP
About the Role
Abnormal AI is seeking a Senior Security Engineer to ensure Abnormal’s FedRAMP environment operates securely, resiliently, and efficiently. This role focuses on security operations engineering, with responsibilities spanning CI/CD pipelines, access management, patch management, change reviews, incident response, and security automation. The engineer will directly own and improve the technical workflows that keep Abnormal Gov systems compliant and resilient at scale. The ideal candidate combines deep cloud and infrastructure security expertise with operational discipline, and is AI-enabled to maximize efficiency and reduce overhead.
What you will do
- Maintain and improve CI/CD pipelines to support secure deployments and infrastructure workflows.
- Manage infrastructure-as-code (IaC) PR and Change Control Board reviews, ensuring changes are tested, approved, and secure before release.
- Perform security impact analyses (SIAs) for system/application changes and provide recommendations.
- Run OS and infrastructure patch cycles; manage hardened images and patch workflows for FedRAMP environments.
- Govern access management, including account provisioning, RBAC module maintenance, and periodic reviews.
- Manage logging and monitoring pipelines; tune SIEM ingestion and alerting for coverage and accuracy.
- Triage and respond to security incidents, from alert investigation through containment, recovery, and after-action reporting.
- Maintain and refine runbooks, SOPs, and documentation to ensure consistent operations and audit readiness.
- Collaborate with DevInfra, FedOps, Product, and Compliance teams to embed secure practices into operations and development.
Must Haves
- 5 - 7 years in security engineering or infrastructure operations within federal or regulated cloud environments.
- Strong familiarity with NIST 800-53 controls and continuous monitoring practices.
- Proven delivery of AWS/SaaS security best practices.
- Hands-on expertise with CI/CD, infrastructure automation, and IaC security practices.
- Experience in patch management, hardened baselines, and secure image pipelines.
- Strong knowledge of identity and access management (IAM) design and enforcement in large-scale environments.
- Proven ability to manage SIEM pipelines and lead Tier 1/ Tier 2 incident response.
- Strong technical documentation, collaboration, and incident/project management skills.
Nice to Have
- Experience integrating security automation into CI/CD pipelines and SecOps workflows.
- Prior experience supporting federal audits or 3PAO engagements.
- Knowledge of SaaS security operations and monitoring at scale.
- Experience driving automation in security operations, compliance tracking, and evidence management.
- Knowledge of SaaS security operations and modern cloud environments; exposure to DevSecOps pipelines or security reviews for Terraform/containers.
#LI-JT1
Actual compensation will be determined based on several non-discriminatory factors including skills, experience, qualifications, and geographic location.
In addition to base salary, this role may be eligible for bonus or incentive compensation, equity, and a comprehensive benefits package.
AI and our hiring process
Abnormal AI uses AI-assisted tools to help our recruiting team prepare for candidate interviews. These tools analyze resume content and role requirements to suggest interview questions and identify areas for the interviewer to explore. They do not make hiring decisions or screen candidates automatically. Every decision about a candidacy is made by a person.
Abnormal AI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law. For our EEO policy statement please click here. If you would like more information on your EEO rights under the law, please click here.
As part of Abnormal AI's secure hiring practices, we conduct video interviews and validate applicant identity at various stages through our recruitment process. Further, if your application is successful and Abnormal AI makes a conditional offer of employment, we will carry out pre-employment checks which must be successfully completed to progress to a final offer. All processes and pre-employment checks are in line with prevailing legislation and Abnormal AI's policies relevant to our security and privacy standards.
Abnormal AI is committed to protecting your privacy. Please review our Abnormal AI Applicant Privacy Policy for full information about how Abnormal AI uses your personal information. By submitting an application you confirm that you have read and understand the Abnormal AI Applicant Privacy Policy.
Apply for Senior Security Engineer, FedRAMP
Submit your application below. We review every submission and typically respond within two weeks.
Compensation Disclaimer: The base salary range for this position is dependent on the candidate's experience, skills, qualifications, and location. The actual offer may vary. In addition to base salary, this role is eligible for equity, annual bonus, and benefits.
Equal Employment Opportunity: Abnormal Security is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected characteristic.
Privacy: By submitting your application, you agree to the processing of your personal data in accordance with our Privacy Policy.