Senior Engineer – Product Abuse

This is a fully remote position, open to applicants in United States.

📋 Description

• Oversee threat hunting initiatives aimed at identifying emergent threat activities related to platform misuse — assessing impact and driving resolutions.

• Create and deploy monitoring solutions to identify anomalies and possible abuses across external-facing services, APIs, and authentication interfaces.

• Direct the technical components of incident response, encompassing attack vector analysis, implementation of countermeasures, and conducting post-incident reviews.

• Develop automation and specialized tools to enhance detection, mitigation, and reporting processes.

• Implement event-driven tools to boost hunting effectiveness and proactively prevent the evolution of TTPs.

• Perform regular security evaluations and simulation testing targeting external attack surfaces and abuse vectors.

• Advocate for and lead product security improvements across the Falcon platform, influencing engineering teams to incorporate abuse resistance into the product design.

• Establish and refine logging strategies to improve visibility into potential abuse scenarios within cloud-native infrastructure.

• Contribute to the roadmap and strategic planning for abuse prevention, balancing both proactive and reactive measures.

• Provide support for follow-the-sun operational coverage as a part of a globally distributed team.

⛳️ Requirements

• Proactive self-starter with over 7 years of experience in cybersecurity engineering or threat intelligence, focusing extensively on threat hunting, attack mitigation, and tool development.

• Expertise in security automation and the development of tools.

• Hands-on experience with security services in cloud computing platforms — especially concerning infrastructure protection, identity and access management, and continuous monitoring.

• In-depth knowledge of attack patterns relevant to abuse, including credential stuffing, account takeover, API abuse, trial fraud, and the adversarial misuse of security tools.

• Capability to recognize when external-facing services surpass baseline performance and correlate those deviations with potential attack indicators.

• Thorough understanding of the TTPs utilized by threat actors and the changing threat landscape, including nation-state and eCrime entities.

• Driven by the initiative to identify and develop enhancements for improved visibility.

• Eager to collaborate across functional teams — such as Product & Engineering — to promote platform-wide abuse resistance.

🏝️ Benefits

• Competitive compensation and equity awards that lead the market.

• Extensive physical and mental wellness programs.

• Generous vacation and holiday allowances for relaxation and recharge.

• Paid parental and adoption leave policies.

• Professional development opportunities available for all employees, irrespective of their level or role.

• Employee Networks, neighborhood groups, and volunteer opportunities to foster connections.

• A vibrant office culture equipped with world-class amenities.

• Great Place to Work Certified™ globally.