• Build next-generation security products – Shape and deliver innovative solutions by integrating Nira’s governance capabilities into Dropbox and driving a standalone security offering for the broader market. • Lead an AI-driven roadmap – Define and launch intelligent features that use AI and automation to streamline access control, enforce real-time DLP, and proactively detect security risks. • Expand Dropbox’s impact in the market – Identify opportunities in the SMB and mid-market security space, craft a clear product vision, and accelerate adoption with a differentiated value proposition. • Deliver breakthrough product experiences – Partner with engineering and design to launch automated access reviews, AI-powered security insights, and compliance workflows that raise the bar on security. • Turn insights into action – Work directly with customers to uncover their toughest data governance and AI security challenges, and translate those needs into high-impact product features. • Drive seamless execution – Collaborate across engineering, security, compliance, and go-to-market teams to launch products that meet global standards (SOC 2, ISO 27001, GDPR, etc.) and delight customers.

• Perform security assessments, control effectiveness review, and cyber incident response • Build and write scripts/queries to assess the security posture of CIS infrastructure • Provide regular reporting on the status of the information security program to senior staff • Ensure continued compliance of the security and privacy programs with all applicable laws and regulations • Assist with security incidents and events to protect corporate information assets, including IP, data, and company reputation • Develop and monitor continuous audit and assessment practices; Support the implementation and maintenance of current laws, regulations, and industry best practices • Maintain a current understanding of the Cyber threat landscape • Communicate best practices and risks across the organization • Assist with internal Phishing engagements and vulnerability management • Other tasks and responsibilities as assigned

• Lead major cybersecurity incidents from detection through containment, eradication, recovery, and post-incident review; including participating in on-call rotation. • Serve as the top escalation point for complex, high-severity incidents, ensuring rapid and effective resolution. • Develop, maintain, and optimize incident response playbooks, runbooks, and escalation procedures. • Oversee enterprise-wide monitoring of networks, cloud, and endpoints for threats, vulnerabilities, and anomalous activity. • Advance detection capabilities using EDR, SIEM, and behavioral analytics aligned with MITRE ATT&CK. • Act as subject matter expert on EDR and SIEM. • Design and implement automation frameworks (Python, PowerShell, AWS Lambda) to streamline response workflows and reduce manual effort. • Integrate AI/ML models into security monitoring and response processes for enhanced detection accuracy and prioritization. • Conduct forensic investigations and threat hunting to identify root causes and emerging threat patterns. • Collaborate cross-functionally with infrastructure, application, and network teams to enforce secure configurations and compliance. • Mentor and guide incident response analysts, fostering technical growth and operational excellence. • Communicate effectively with executives and technical teams during and after incidents, producing clear reports and recommendations. • Drive continuous improvement in detection, response, and prevention strategies to strengthen enterprise security posture.

About the Role Abnormal AI is looking for a Senior Software Engineer, Data Security, to help define and build the next generation of our security and privacy platform. In this role, you’ll be a key technical leader on the Data Security team, designing and scaling the systems that keep our customers’ most sensitive data safe as we grow into new products, regions, and ecosystems. You will own and evolve the customer data security and privacy platform services that power Abnormal’s platform, from policy and enforcement to observability and analytics. You’ll collaborate closely with Security, Product, and Platform teams to design solutions that are secure by default, highly scalable, and intuitive for engineers to build on. This is a high-impact opportunity for someone who wants to shape how an AI-forward-thinking company like Abnormal thinks about data governance, privacy-by-design, and secure-by-default engineering over the coming years. Who You Are - You bring a practical security mindset and can identify potential security flaws at any step of the software development lifecycle, proposing reasonable solutions that balance risk and business needs. - You can translate Security & Privacy requirements into clear technical requirements and drive projects end to end, from design through rollout and ongoing ownership. - You are excited about the opportunity to grow into a leadership position on the team, setting, owning, and delivering key Multi-Product Platform initiatives with cross-divisional impact. What you will do - Design and build core Data Security platform services that enforce Security & Privacy standards across Abnormal’s products, infrastructure, and customer-facing integrations. - Own, lead, and deliver large, multi-quarter initiatives that enable Abnormal to expand into new geographies, verticals, and product lines while maintaining world-class security and privacy guarantees. - Develop secure, scalable data governance platform services and tooling that integrate Abnormal’s platform with external ecosystems such as Salesforce, Slack, GitHub, Zoom, and more—making Data Security and Privacy “on” by default. - Translate security and privacy requirements into clear technical designs, balancing risk, usability, and cost while enabling product teams to move quickly and safely. - Partner with Platform and Security leaders to define the vision, architecture, and roadmap for Abnormal’s Data Security platform, reconciling long-term strategy with near-term business needs. - Elevate the engineering bar by driving best practices in threat modeling, authz/authn, secure data access patterns, and observability for security-sensitive systems. - Mentor and grow engineers on the team, providing guidance on technical design, system ownership, and practical security thinking. Must Haves - BS degree in Computer Science, Electrical Engineering, Computer Engineering, or related field, or equivalent practical experience. - 5+ years of experience as a Software Engineer building and operating backend or distributed systems. - Strong software development and system design skills, with a deep understanding of reliability, scalability, and tradeoffs in distributed systems (e.g., consistency, availability, CAP theorem). - Hands-on experience with Authentication, Authorization, and/or Network Security, including common attack vectors, best practices, and modern security technologies. - Pragmatic security mindset with the ability to differentiate must-have vs. nice-to-have Security & Privacy requirements and make clear, well-reasoned tradeoffs. - Proven track record of leading complex projects end-to-end, from problem definition and design through implementation, rollout, and ongoing ownership. - Experience with Golang and Python, or strong experience in similar languages with a readiness to work in Go and Python day-to-day. Nice to Have - Ability to convert ambiguous business and compliance requirements (e.g., customer asks, regulatory needs) into crisp technical problems, milestones, and deliverables. - Strong product sense and prioritization skills, including the ability to articulate tradeoffs, cut scope intelligently, and ship the highest-impact work first. - Experience leading small teams or technical workstreams on multi-quarter platform or security initiatives. - Experience with data governance, privacy, or compliance domains (e.g., GDPR, CCPA, SOC 2, ISO 27001) and how they translate into engineering systems. #LI-NT1 Actual compensation will be determined based on several non-discriminatory factors including skills, experience, qualifications, and geographic location. In addition to base salary, this role may be eligible for bonus or incentive compensation, equity, and a comprehensive benefits package. Base salary range: $179,800—$258,500 USD Abnormal AI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law. For our EEO policy statement please click here. If you would like more information on your EEO rights under the law, please click here.