Federal Security Engineer

Abnormal AI is seeking a Federal Security Engineer to ensure Abnormal's FedRAMP environment operates securely, resiliently, and efficiently. This role focuses on security operations engineering, with responsibilities spanning CI/CD pipelines, access management, patch management, change reviews, incident response, and security automation. The engineer will directly own and improve the technical workflows that keep Abnormal Gov systems compliant and resilient at scale. The ideal candidate combines deep cloud and infrastructure security expertise with operational discipline, and is AI-enabled to maximize efficiency and reduce overhead.

• Maintain and improve CI/CD pipelines to support secure deployments and infrastructure workflows.
• Manage infrastructure-as-code (IaC) PR and Change Control Board reviews, ensuring changes are tested, approved, and secure before release.
• Perform security impact analyses (SIAs) for system/application changes and provide recommendations.
• Run OS and infrastructure patch cycles; manage hardened images and patch workflows for FedRAMP environments.
• Govern access management, including account provisioning, RBAC module maintenance, and periodic reviews.
• Manage logging and monitoring pipelines; tune SIEM ingestion and alerting for coverage and accuracy.
• Triage and respond to security incidents, from alert investigation through containment, recovery, and after-action reporting.
• Maintain and refine runbooks, SOPs, and documentation to ensure consistent operations and audit readiness.
• Collaborate with DevInfra, FedOps, Product, and Compliance teams to embed secure practices into operations and development.

• 5+ years in security engineering or infrastructure operations within federal or regulated cloud environments.
• Strong familiarity with NIST 800-53 controls and continuous monitoring practices.
• Proven delivery of AWS/SaaS security best practices.
• Hands-on expertise with CI/CD, infrastructure automation, and IaC security practices.
• Experience in patch management, hardened baselines, and secure image pipelines.
• Strong knowledge of identity and access management (IAM) design and enforcement in large-scale environments.
• Proven ability to manage SIEM pipelines and lead Tier 1/ Tier 2 incident response.
• Strong technical documentation, collaboration, and incident/project management skills.

• Experience integrating security automation into CI/CD pipelines and SecOps workflows.
• Prior experience supporting federal audits or 3PAO engagements.
• Knowledge of SaaS security operations and monitoring at scale.
• Experience driving automation in security operations, compliance tracking, and evidence management.
• Knowledge of SaaS security operations and modern cloud environments; exposure to DevSecOps pipelines or security reviews for Terraform/containers.

#LI-AJ1