Sr. Engineer - Product Abuse (Remote)

CrowdStrike
USA CA Remote, CA
$120,000 - $180,000
Remote

About The Position

CrowdStrike's Product Abuse team sits at the intersection of threat intelligence, detection engineering, and platform security — defending the Falcon platform against sophisticated adversaries. As a Sr. Engineer, you'll lead threat hunting operations, architect detection and prevention capabilities, and drive security enhancements across our product portfolio. You'll operate at both strategic and tactical levels alongside a close-knit team of industry-leading engineers, with direct and measurable impact on CrowdStrike's security posture at global scale.

Requirements

  • Motivated self-starter with 7+ years of experience in a cybersecurity engineering or threat intelligence environment, with a significant focus on threat hunting, attack mitigation, and tooling
  • Proficiency in security automation and tool development
  • Practical experience with cloud computing platform security services — particularly as they relate to infrastructure protection, identity and access management, and continuous monitoring
  • Deep familiarity with abuse-relevant attack patterns including credential stuffing, account takeover, API abuse, trial fraud, and adversarial misuse of security tooling
  • Ability to identify when external-facing services are exceeding baselines and correlate deviations with potential attack indicators
  • Comprehensive understanding of TTPs employed by threat actors and the evolving threat landscape, including nation-state and eCrime actors
  • Passionate about taking initiative to identify and develop enrichments and enhanced visibility
  • Enthusiasm for collaboration across functional teams — including Product & Engineering — to drive platform-wide abuse resistance
  • Exceptional problem-solving abilities with a methodical approach to complex, ambiguous security challenges
  • Strong written and verbal communication skills for both technical and non-technical audiences, including executive stakeholders
  • Self-motivated with the ability to work independently and as part of a globally distributed, collaborative team
  • Excellent time management and ability to prioritize effectively under pressure
  • Passion for continuous learning and staying current with emerging threats, adversary tradecraft, and the abuse landscape

Nice To Haves

  • Experience leveraging AI coding assistants and LLM-based tools as a force multiplier — accelerating tooling development, detection engineering, and automation at a pace beyond traditional workflows
  • Experience applying data science techniques — such as machine learning, neural networks, or streaming anomaly detection — to generate threat signals, identify behavioral outliers, or integrate disparate datasets at enterprise scale
  • Experience with front-end UI design, including contributions to large and complex codebases using HTML5, JavaScript, React, or similar technologies
  • Experience with SIEM platforms (e.g., LogScale) for large-scale threat hunting and detection engineering
  • Experience with identity and authentication systems, including OAuth, SAML, MFA bypass techniques, and session abuse patterns
  • Expertise in designing and implementing robust network and cloud security measures, and comprehensive logging and monitoring for threat detection and incident response
  • Experience operating in or supporting a follow-the-sun security operations model
  • Strong background in OSINT, cybercrime investigations, or intelligence collection involving complex adversarial networks
  • Background in trust and safety, fraud detection, or abuse engineering at a SaaS or cloud platform
  • Familiarity with the CrowdStrike Falcon platform and its sensor, cloud, and API architecture

Responsibilities

  • Lead threat hunting operations against emergent threat activity involving platform misuse — to determine impact and drive resolution
  • Design and implement monitoring solutions to detect anomalies and potential abuse across external-facing services, APIs, and authentication surfaces
  • Lead technical aspects of incident response, including attack vector analysis, countermeasure implementation, and post-incident review
  • Develop automation and purpose-built tooling to streamline detection, mitigation, and reporting workflows
  • Instrument event-driven tooling to drive hunting efficiency and proactive prevention of evolving TTPs
  • Conduct regular security assessments and testing simulations targeting external attack surfaces and abuse vectors
  • Advocate for and drive product security enhancements across the Falcon platform, influencing engineering teams to build abuse resistance into the product
  • Implement and refine logging strategies to enhance visibility into potential abuse scenarios across cloud-native infrastructure
  • Contribute to roadmap and strategic planning for abuse prevention, balancing proactive and reactive capabilities
  • Support follow-the-sun operational coverage as part of a globally distributed team

Benefits

  • Market leader in compensation and equity awards
  • Comprehensive physical and mental wellness programs
  • Competitive vacation and holidays for recharge
  • Paid parental and adoption leaves
  • Professional development opportunities for all employees regardless of level or role
  • Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
  • Vibrant office culture with world class amenities
  • Great Place to Work Certified™ across the globe
  • Health insurance
  • 401k
  • Paid time off