Principal Cybersecurity Detection Engineer AI Driven Threats

Role : Principal Cybersecurity Detection Engineer AI Driven Threats

Remote Role

JD:

The Principal Cybersecurity Detection Engineer AI Driven Threats is a senior individual contributor responsible for advancing the effectiveness and maturity of the Cyber Security Operations Center (CSOC).

This role designs, operationalizes, and scales high-confidence detection capabilities to address AI-enabled threats and emerging attack techniques. The position combines deep hands-on detection engineering expertise with applied knowledge of AI security and adversarial techniques.

As a principal-level individual contributor, this role drives the practical application of AI and emerging technologies within security operations, ensuring measurable improvements in detection fidelity, incident response outcomes, and analyst efficiency.

Key Responsibilities

• Serve as the senior technical subject matter expert for AI-focused threat detection within the CSOC.
• Design, develop, deploy, and maintain advanced detection content across SIEM and security platforms to identify AI-enabled and emerging attack techniques.
• Engineer high-confidence detections using SPL, KQL, regex, YARA, macros, and lookups across on-premises, hybrid, and cloud environments.
• Continuously evaluate detection coverage and fidelity, tuning or retiring content as adversary tactics, data sources, and operational needs evolve.
• Research emerging AI and advanced technology threats such as prompt injection, model poisoning, adversarial AI, and data exposure, and translate them into actionable detection strategies.
• Align detection use cases to frameworks such as MITRE ATT&CK, MITRE ATLAS, and NIST CSF.
• Partner with threat intelligence, detection engineering, threat hunting, red team, and architecture teams to strengthen detection capabilities.
• Support proofs of concept and pilots that apply AI to detection engineering and SOC operations.
• Mentor senior detection engineers and analysts on AI threat concepts and advanced detection strategies.
• Communicate complex technical findings to technical teams, leadership, and executive stakeholders.

Required Qualifications

• 7+ years of experience in cybersecurity operations, detection engineering, or SIEM engineering in a senior individual contributor role.
• Advanced expertise across the full detection engineering lifecycle, including design, testing, deployment, tuning, and decommissioning.
• Hands-on experience applying AI or machine learning capabilities within SOC or detection workflows.
• Familiarity with AI security frameworks such as MITRE ATLAS and OWASP AI Security.
• Advanced proficiency with SIEM query languages and multi-source telemetry across on-premises, cloud, and hybrid environments.
• Strong understanding of adversary TTPs, including emerging AI-enabled threats.
• Ability to analyze large-scale log and telemetry datasets to identify threats and detection gaps.
• Strong communication and stakeholder presentation skills.

Preferred Qualifications

• Experience contributing to AI-focused SOC pilots, automation initiatives, or advanced detection programs.
• Relevant certifications such as CISSP, CySA+, CASP+, or CCSP.
• Bachelor s degree in Cybersecurity, Computer Science, Engineering, or a related field