Location: Malvern, PA Description: Our client is currently seeking an AI Threat Detection Engineer: Hybrid Remote - Mondays and Fridays Remote
More security-focused (heavy threat detection; external attacks/intrusion, not so much on the vulnerability side).
AI development/engineering skills are going to be secondary. He is willing to let the candidate grow into this but some AI exposure is needed/required.
Some type of development/scripting is required, Python is most commonly found in this space but Java or Shell would also be okay. No preference to any language.
Duties & Responsibilities
The AI Threat Detection Engineer, Senior Specialist is responsible for developing and implementing AI-driven capabilities that enhance Security Operations Center (SOC) effectiveness. This role focuses on building automation and intelligent solutions to improve threat detection, streamline workflows, and reduce manual effort. Working closely with senior engineers and cross-functional teams, this individual contributes to the delivery of secure, scalable solutions that support SOC modernization.
Core Responsibilities
1. Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations. Identifies real-time complex attack patterns and suggests mitigation strategies.
2. Leads the processes, tools and measures to monitor and detect compromises, risks, vulnerabilities, network security threats, tools and tactics used by modern and emerging threat actors. Facilitates security operations and incident response technologies and methodologies.
3. Develops, manages, maintains and enhances security controls (alerts, rules, policies, and signatures) for the security platforms.
4. Develop and enhance AI agents to streamline SOC operations and improve efficiency
5. Design and optimize prompts and workflows to support LLM-based security use cases
6. Evaluate emerging AI technologies and contribute to innovation within the SOC
7. Implement safeguards and controls to ensure secure and responsible AI usage
8. Build APIs, integrations, and automation workflows to support AI-driven capabilities
9. Write clean, maintainable, and production-ready code aligned with engineering best practices
10. Collaborate with security, engineering, and platform teams to deliver AI-enabled solutions
11. Support AI agent development and deployment across SOC use cases
12. Stay current on AI advancements and apply best practices to ongoing work
13. Mentors junior team members to improve their technical acumen
14. Participates in special projects and performs other duties as assigned.
Qualifications
4+ years of hands-on programming or scripting experience (e.g., Python, Java, Shell)
5+ years of experience with cloud platforms such as AWS or Microsoft Azure
4+ years of experience building or supporting automation solutions (e.g., SOAR, GitHub, or similar tools)
4+ years of experience working with security technologies or supporting SOC/security operations
Exposure to AI, GenAI, or LLM-based solutions, with hands-on development experience preferred
Familiarity with security telemetry (logs, alerts, endpoint, network, and cloud data)
5+ years of exposure to SIEM platforms or detection engineering concepts
By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.
Contact:
This job and many more are available through The Judge Group. Please apply with us today!