
Job Title: Senior AI Threat Detection Engineer
Location: Malvern, PA (primary) | Plano, TX (secondary option)
Position Type: W2
Job Description
We are seeking a Senior AI Threat Detection Engineer to support Security Operations Center modernization initiatives. The ideal candidate will have strong experience in SOC operations, detection engineering, cloud security, automation, and hands-on programming. This role will focus on developing AI-driven security capabilities, improving threat detection, automating SOC workflows, and building secure, scalable solutions using modern engineering practices.
The consultant will work closely with security engineering, SOC, platform, and cross-functional teams to design and implement AI-enabled solutions that improve incident response, reduce manual effort, and strengthen overall security operations.
Key Responsibilities
Lead response efforts for escalated cybersecurity alerts, incidents, and security investigations.
Analyze complex attack patterns in real time and recommend effective mitigation strategies.
Develop, maintain, and enhance detection logic, alerts, rules, policies, and signatures across security platforms.
Support monitoring and detection of cyber threats, vulnerabilities, risks, and threat actor tactics, techniques, and procedures.
Build and enhance AI agents to streamline SOC operations and improve analyst efficiency.
Design and optimize prompts, workflows, and use cases for LLM-based security solutions.
Build APIs, integrations, and automation workflows to support AI-driven threat detection capabilities.
Develop clean, maintainable, production-ready code following engineering best practices.
Implement safeguards, controls, and responsible AI practices for secure AI usage within security operations.
Evaluate emerging AI, GenAI, and automation technologies and recommend improvements for SOC modernization.
Collaborate with SOC, security engineering, cloud, platform, and application teams to deliver scalable AI-enabled solutions.
Support deployment and continuous improvement of AI agents across SOC use cases.
Mentor junior team members and help improve overall technical capability within the team.
Participate in special security projects and support additional responsibilities as needed.
Required Qualifications
4+ years of hands-on programming or scripting experience using Python, Java, Shell, or similar languages.
5+ years of experience working with cloud platforms such as AWS or Microsoft Azure.
4+ years of experience building or supporting automation solutions such as SOAR, GitHub workflows, CI/CD automation, or similar platforms.
4+ years of experience working with security technologies or supporting SOC/security operations.
5+ years of exposure to SIEM platforms, detection engineering, or security monitoring concepts.
Strong understanding of security telemetry, including logs, alerts, endpoint data, network data, and cloud security data.
Experience supporting incident response, threat detection, alert tuning, and security investigation workflows.
Exposure to AI, GenAI, LLM-based solutions, or AI agent development.
Strong API integration, automation, and workflow development experience.
Ability to work with cross-functional teams and communicate technical findings clearly.
Preferred Skills
Hands-on experience developing AI or GenAI solutions for cybersecurity use cases.
Experience with prompt engineering, AI agents, and LLM-based workflow automation.
Experience with SOAR platforms and security orchestration.
Knowledge of MITRE ATT&CK, threat actor TTPs, and modern detection engineering practices.
Experience with cloud security monitoring, security data pipelines, and scalable automation frameworks.
Strong understanding of responsible AI, security controls, and risk mitigation for AI-based systems.
Ideal Candidate
The ideal candidate is a senior-level security engineer with strong programming, cloud, automation, and SOC experience. They should be comfortable building AI-driven security solutions, working with security telemetry, improving detection workflows, and collaborating with engineering teams to deliver production-ready capabilities.