Sr. Embedded Detection Analyst

3 days, 15 hours ago
Full-time
Mid Level
Cybersecurity
Abnormal AI

Abnormal AI provides advanced email security solutions designed to block malicious email attacks, including credential phishing, business email compromise, and account takeover.

Internet Software & Services
Founded 2018

Description

  • Own detection performance outcomes for 3–5 strategic customer accounts, tracking and improving measurable detection KPIs (e.g., precision/recall, false positives/negatives).
  • Serve as a reliable technical partner for customer detection issues, handling high-priority false positive and false negative escalations in collaboration with Customer Success and Sales.
  • Monitor and analyze misclassification patterns using internal detection analysis dashboards and tools to identify root causes.
  • Perform incident triage and alert correlation using IOCs and TTPs to systematically diagnose why detections produce false positives or miss threats.
  • Design and implement detection tuning strategies and adjust thresholds/configurations to optimize precision while maintaining coverage against emerging threats.
  • Generate and present impact reports that demonstrate measurable detection improvements to customers and internal stakeholders.
  • Document investigation findings, tuning approaches, and reusable playbook content to enable team learning and program scaling.
  • Provide feedback to tooling teams on analysis gaps and automation opportunities and support training of other team members by sharing methodologies and investigation insights.

Requirements

  • 2–5 years of experience in SOC operations, detection engineering, incident response, email security analysis, or a related cybersecurity role.
  • Experience with security monitoring/detection platforms (SIEM, EDR, email security tools) — experience with Abnormal Security is a plus.
  • Proven experience triaging security alerts, performing root cause analysis, and tuning detection logic to reduce false positives while maintaining coverage.
  • Practical experience in email attack analysis with the ability to identify and leverage IOCs and TTPs to remediate threats.
  • Deep understanding of precision/recall metrics and their business impact on security operations and customer experience.
  • Demonstrated proficiency with AI tools (e.g., ChatGPT, Claude, Copilot) to enhance productivity, automate tasks, and accelerate investigations.
  • Strong technical writing and communication skills with the ability to explain complex issues to both technical and non-technical audiences and to produce customer-facing reports.
  • Ability to remain calm and responsive during high-pressure situations, including customer escalations and active incidents, with a strong ownership mindset.
  • Basic SQL knowledge and familiarity with Python or data analysis scripting/notebook environments such as Databricks, Jupyter, or Splunk (nice to have).
  • Familiarity with threat intelligence concepts, MITRE ATT&CK, common email attack vectors, and relevant security certifications (Security+, Network+, GIAC, CISSP, CEH) is preferred.
