Abnormal AI Logo

Software Engineer II - Entity Intelligence

🇮🇳 India💻 Software Development🔵 Mid-level

Job Description

About the Role

Enterprises of all sizes trust Abnormal’s AI-native security products to stop cybercrime and protect critical communications, identities, and infrastructure in the cloud. Our products are data- and systems-intensive, operating at high scale and low latency across multiple clouds and regions.

As a Software Engineer II on the Entity Intelligence Team, you are a highly capable detection feature owner: you take a detection problem, come up with an idea, design a technical approach, and drive it end-to-end, from design and implementation through launch, operation, and continuous improvement. You will work with a world-class group of engineers, product managers, and data scientists to build and operate detection that is reliable, scalable, and AI-native by default.

This role focuses on impersonation detection, including brand, lookalike-domain, VIP and employee impersonation. It is ideal for an engineer who has already shipped meaningful production systems, wants more ownership and impact, and is excited to use AI to build detection that was not possible before.

About the Team

The Entity Intelligence Team (EIT) is an attack-detection team inside Abnormal’s Detection org. We own several of the highest-visibility detection surfaces at the company, spanning attachment-based attacks, fraud, and impersonation. We work the way an analyst would: we study the attacks that get through, understand the underlying pattern, and translate it into system-level detection enhancements that generalize beyond the individual attack.

We are also one of the most AI-forward teams at Abnormal. We build and operate LLM-based detection agents and treat internal AI tooling as a first-class deliverable. Every engineer here writes detection logic and builds AI agents. Impersonation is one of the most damaging and visible classes of attack we defend against, where even simple attacks that slip through erode customer trust, so this is a surface we hold to a very high bar.

What You’ll Do

  • Design, build, and operate detection that is core to Abnormal’s products, from initial design through rollout, monitoring, and ongoing maintenance.
  • Own detection projects end-to-end, including those that begin with a degree of ambiguity: scope loosely defined problems, identify risks, define milestones, and deliver reliably.
  • Analyze attacks that get through. Pull and study missed-attack data, read the messages the way an attacker and an analyst would, identify the underlying pattern, and translate it into detection enhancements or entirely new detection systems.
  • Write and tune detection logic using scored signals and attributes, add new signals across the pipeline, and drive changes to launch with a strong focus on minimizing false positives.
  • Build and evaluate LLM-based detection agents, and measure precision and recall rigorously with our evaluation tooling.
  • Surface your detections as reusable intelligence that other products and teams across the platform can consume.
  • Participate in the on-call rotation for your detection surfaces, debug and resolve customer escalations, and feed learnings back into design, observability, and runbooks across regions.
  • Leverage AI as a core part of your development loop for code, tests, data analysis, experiments, and documentation, while maintaining strong engineering judgment and validation practices.
  • Contribute to team health and culture by documenting heavily, sharing learnings, and giving thoughtful feedback in code and design reviews.

Must Haves

  • 3+ years of professional software engineering experience, with a track record of shipping and operating production systems.
  • Strong software engineering fundamentals: data structures, algorithms, system design basics, testing, debugging, and clean, maintainable code.
  • Strong Python proficiency and comfort learning new languages and frameworks as needed.
  • Solid data-analysis instincts. You are comfortable with SQL and reasoning over large datasets to find signals in noise.
  • A detection or adversarial mindset. You enjoy thinking like an attacker, reading real attack samples, and asking, “How would I get past this?”
  • Genuine fluency with AI-native development. You already use AI coding agents in your daily work and are excited to build LLM-powered detection, not just consume AI tools.
  • Demonstrated ability to own projects that carry some initial ambiguity: clarify and scope loosely defined requirements, make tradeoffs explicit, deliver on time, and communicate status clearly.
  • Excellent written and verbal communication, especially in remote, distributed teams. We make decisions in writing.
  • A strong growth mindset and sense of ownership.

Nice to Have Skills

  • Experience with distributed systems, high-throughput pipelines, or large-scale data stores (e.g., PostgreSQL, DynamoDB, Redis, RocksDB, Kafka, Spark, OpenSearch/Elasticsearch).
  • Background in security, threat detection, anti-abuse, fraud detection, or trust and safety, particularly systems processing high volumes of email or communication data.
  • Experience with ML or LLM evaluation: precision/recall tradeoffs, eval harnesses, prompt iteration.
  • Familiarity with domain and DNS concepts (such as typosquatting and homoglyphs) or with identity and impersonation signals.
  • Experience with large-scale data tooling (e.g., Databricks, Spark, Airflow) and distributed pipelines.
  • Experience with containerization and orchestration (Docker, Kubernetes) and infrastructure-as-code tooling.
  • Familiarity with modern frontend frameworks (e.g., React) for full-stack roles, or with ML/ML Ops for Detection/MLE-focused roles.
  • Prior experience in a fast-paced, high-growth startup environment where you’ve had to balance speed, quality, and ambiguity.

Why You’ll Love It Here

  • You’ll solve hard, meaningful problems at the intersection of AI, security, and large-scale detection, where your work maps directly to attacks caught and customers protected.
  • You’ll work with smart, kind, and ambitious teammates who care deeply about detection craft, learning, and helping each other grow.
  • You’ll get real ownership and autonomy over an important detection surface, not a ticket queue, with clear opportunities to grow toward Senior and Staff roles.
  • You’ll be part of an AI-native R&D organization with strong investment in tools, workflows, and training to help engineers use AI to move faster while raising the quality bar.

#LI-AD2

Abnormal AI is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status or other characteristics protected by law. For our EEO policy statement please click here. If you would like more information on your EEO rights under the law, please click here.

Share this job:
Please let Abnormal AI know you found this job on Remote First Jobs 🙏

190 similar remote jobs

Explore latest remote opportunities and join a team that values work flexibility.

View all jobs
Abnormal AI logo

Software Engineer II Backend Engineer

Abnormal AI

Month ago
Brex logo

Software Engineer II Credit Limit Engineering

Brex

Month ago
Life360 logo

Senior Software Engineer II, AI Native, Experimentation & ML

Life360

$118k-$216k 3 Days ago
Forter logo

Senior Software Engineer II, Payments

Forter

Week ago
Brex logo

Software Engineer II, Cloud Infrastructure

Brex

Week ago
Spreetail logo

Software Engineer II

Spreetail

Week ago

Remote companies like Abnormal AI

Find your next opportunity with companies that specialize in Email Security, Business Email Security, Cloud Email Security, and Phishing Detection. Explore remote-first companies like Abnormal AI that prioritize flexible work and home-office freedom.

All companies
True Zero Technologies Logo

True Zero Technologies

51-200 www.truezerotech.com

A Veteran-Owned Small Business providing comprehensive cybersecurity and consulting services across public and private sectors.

View company profile →
Nerdery Logo

Nerdery

51-200 www.nerdery.com

A digital consultancy focused on delivering solutions powered by data, AI, and cloud technology.

View company profile →
IT Concepts, Inc Logo

IT Concepts, Inc

501-1000 www.kentro.us

Provides digital solutions, IT modernization, and specialized services to federal agencies.

View company profile →
Stellar Cyber Logo

Stellar Cyber

51-200 stellarcyber.ai

Unified security platform

View company profile →
HSO Logo

HSO

1001-5000 www.hso.com

Helps companies modernize business operations and accelerate digital transformation using Microsoft technology.

View company profile →
SenseOn Logo

SenseOn

51-200 senseon.io

Our AI-driven intelligence cloud helps reduce cybersecurity risk and spending without traditional SIEM systems.

View company profile →

Project: Career Search

Rev. 2026.6

[ Remote Jobs ]
Direct Access

We source jobs directly from 21,000+ company career pages. No intermediaries.

Search Jobs Post a Job
01

Discover Hidden Jobs

Unique jobs you won't find on other job boards.

02

Advanced Filters

Filter by category, benefits, seniority, and more.

03

Priority Job Alerts

Get timely alerts for new job openings every day.

04

Manage Your Job Hunt

Save jobs you like and keep a simple list of your applications.

21,000+ SOURCES UPDATED 24/7
Apply