Senior Cyber Defense Analyst
Abnormal AI
Job Overview
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.

Job Description
About the Role
At Abnormal AI, we are seeking a hands-on Senior Cyber Defense Analyst to thrive in our fast-paced, engineering-driven environment. This role is crucial for monitoring, investigating, and responding to security alerts across cloud, endpoint, identity, and application layers. You will collaborate closely with detection engineers, cloud security, and IT teams to safeguard our hybrid environment from real-time threats. This is a critical position for someone who thinks critically, automates relentlessly, and owns incidents end-to-end, moving beyond basic console operations.
Key Responsibilities
- Detection & Triage: Monitor alerts from tools like SIEM, EDR, IAM, CSPM, CDR. Perform initial triage, enrichment, and correlation across multiple data sources. Identify false positives and fine-tune rules with detection engineering.
- Incident Response: Lead containment, eradication, and recovery for endpoint, cloud, and identity incidents. Document and communicate incidents through SOAR/Jira/ServiceNow workflows. Perform root cause analysis and propose permanent preventive controls.
- Threat Hunting & Analysis: Proactively hunt using hypotheses mapped to MITRE ATT&CK. Investigate anomalies across CloudTrail, Okta, GitHub, and other telemetry sources. Collaborate with threat intelligence to identify emerging TTPs.
- Automation & Process Improvement: Build or enhance playbooks in SOAR (Torq or equivalent). Create custom enrichment scripts and automations (Python, Bash, etc.). Suggest new detection logic and operational improvements.
- Reporting & Metrics: Track and report operational metrics (MTTD, MTTR, incident categories). Maintain documentation and lessons learned.
Required Skills & Qualifications
- 5-7 years of hands-on SOC or Incident Response experience in a cloud-first or hybrid environment.
- Strong understanding of attacker lifecycle, MITRE ATT&CK, and threat actor TTPs.
- Experience with EDR (CrowdStrike preferred), SIEM (Splunk preferred), and SOAR (Torq, XSOAR, or Phantom).
- Familiarity with AWS, Okta, and SaaS platforms.
- Proficiency in writing queries and automations using Python, SPL, or equivalent.
- Excellent analytical and investigative skills — capable of operating independently with minimal hand-holding.
- Strong documentation and communication skills for technical and executive audiences.
Nice to Have
- Experience with CSPM/CDR/VM tools.
- Knowledge of Containers and Kubernetes security.
- Relevant certifications like CEH, Security+, GCIH, GCIA, or AWS Security Specialty.
What Success Looks Like
As a Senior Cyber Defense Analyst at Abnormal AI, success means consistently delivering high-quality triage with minimal false positives and proactively automating repetitive tasks. You will transform vague alerts into well-documented cases with actionable findings and make measurable improvements to detection coverage, response time, or tooling maturity.
Key skills/competency
- Security Operations (SOC)
- Incident Response
- Cyber Defense
- Threat Hunting
- MITRE ATT&CK
- Cloud Security (AWS)
- EDR (CrowdStrike)
- SIEM (Splunk)
- SOAR (Torq)
- Python Automation
How to Get Hired at Abnormal AI
- Research Abnormal AI's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
- Tailor your resume: Customize your resume to highlight 5-7 years of SOC/IR experience, cloud security, and automation skills.
- Master the technical skills: Prepare for questions on MITRE ATT&CK, EDR, SIEM, SOAR, AWS, Okta, and Python scripting.
- Showcase problem-solving: Be ready to discuss past incidents, your investigative process, and automation efforts in detail.
- Demonstrate communication: Practice explaining complex security concepts to technical and non-technical audiences.
Frequently Asked Questions
Find answers to common questions about this job opportunity
Explore similar opportunities that match your background