TekStream Solutions is focused on building and operating deception, threat intelligence, and adversary-engagement infrastructure for its autonomous cyber defense platform. The Senior Proactive Security Engineer will be responsible for turning architectural requirements into sustainable systems: building deception infrastructure, integrating threat intelligence, and keeping those systems reliable and sustainable in production.
Responsibilities:
- Build and operate deception infrastructure. Take requirements for honeynet sensors and emulated customer environments and implement them on servers and cloud infrastructure — provisioning, configuration, hardening, and deployment
- Integrate threat intelligence pipelines. Stand up ingestion, enrichment, and correlation across multiple intelligence sources, and route outputs into platform detection and response workflows
- Engineer detection and event-correlation workflows. Combine system telemetry, behavioral monitoring, and ML-based classification into production-grade detection pipelines
- Translate research into applied systems. Turn security theory and research concepts into production-grade implementations, documented so they are reproducible by the next engineer who touches them
- Own reliability and sustainability. Monitoring, access control, patching, and lifecycle management — the systems you build stay stable in production, not just on demo day
- Integrate AI/ML capabilities. Build and operate LLM-powered analysis pipelines, agentic workflows, and AI-driven enrichment, classification, and detection — engineered to run reliably under production constraints
- Collaborate across the platform. Work with the Proactive Security Lead, MDR/SOC teams, and platform architecture to ensure deception and intelligence outputs integrate cleanly into Cosmos operations
Requirements:
- Hands-on experience deploying, configuring, and securing servers and infrastructure (Linux-centric: Ubuntu, CentOS/RHEL, Debian)
- Strong coding background — Python and Bash/shell scripting at minimum; ability to automate provisioning and integrate systems via APIs
- Demonstrated ability to take a theoretical concept or research requirement and implement it as working applied technology
- System architecture experience — designing systems that are sustainable, monitored, and resilient rather than one-off setups
- Proactive security experience — honeynets and deception, anomaly detection, vulnerability assessment, or similar offensive-informed defensive work
- Threat intelligence experience — ingesting, enriching, and correlating intel feeds
- Experience with SIEM and log/event correlation (Microsoft Sentinel and/or Splunk preferred; Elastic Security acceptable)
- Network analysis fundamentals (Wireshark, Nmap, TCP/IP)
- Experience with agentic AI systems, LLM orchestration, prompt engineering, or RAG pipelines
- Familiarity with applying AI to security use cases — anomaly detection, threat classification, alert triage, or intelligence enrichment
- Container and orchestration experience (Docker, Kubernetes/EKS)
- ML-based anomaly/threat detection model development
- HPC or GPU-accelerated systems experience (CUDA, SLURM, NVIDIA clusters) used for AI model development
- RBAC and multi-tenant access control design
- Advanced degree (M.S. or Ph.D.) in cybersecurity, computer engineering, or a related field
- Research or publication background in security, side-channel analysis, or systems security
- SOC operations exposure (Tier-1 or above)
- Experience working alongside legal/compliance review on offensive-informed defensive capabilities