AI Threat Detection Engineer

job summary:
Core Responsibilities

1. Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations. Identifies real-time complex attack patterns and suggests mitigation strategies.

2. Leads the processes, tools and measures to monitor and detect compromises, risks, vulnerabilities, network security threats, tools and tactics used by modern and emerging threat actors. Facilitates security operations and incident response technologies and methodologies.

3. Develops, manages, maintains and enhances security controls (alerts, rules, policies, and signatures) for the security platforms.

4. Develop and enhance AI agents to streamline SOC operations and improve efficiency

5. Design and optimize prompts and workflows to support LLM-based security use cases

6. Evaluate emerging AI technologies and contribute to innovation within the SOC

7. Implement safeguards and controls to ensure secure and responsible AI usage

8. Build APIs, integrations, and automation workflows to support AI-driven capabilities

9. Write clean, maintainable, and production-ready code aligned with engineering best practices

10. Collaborate with security, engineering, and platform teams to deliver AI-enabled solutions

11. Support AI agent development and deployment across SOC use cases

12. Stay current on AI advancements and apply best practices to ongoing work

13. Mentors junior team members to improve their technical acumen

14. Participates in special projects and performs other duties as assigned.

 
location: Malvern, Pennsylvania
job type: Contract
salary: $47.70 - 52.70 per hour
work hours: 8am to 5pm
education: Bachelors

responsibilities:

Core Responsibilities

1. Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations. Identifies real-time complex attack patterns and suggests mitigation strategies.

2. Leads the processes, tools and measures to monitor and detect compromises, risks, vulnerabilities, network security threats, tools and tactics used by modern and emerging threat actors. Facilitates security operations and incident response technologies and methodologies.

3. Develops, manages, maintains and enhances security controls (alerts, rules, policies, and signatures) for the security platforms.

4. Develop and enhance AI agents to streamline SOC operations and improve efficiency

5. Design and optimize prompts and workflows to support LLM-based security use cases

6. Evaluate emerging AI technologies and contribute to innovation within the SOC

7. Implement safeguards and controls to ensure secure and responsible AI usage

8. Build APIs, integrations, and automation workflows to support AI-driven capabilities

9. Write clean, maintainable, and production-ready code aligned with engineering best practices

10. Collaborate with security, engineering, and platform teams to deliver AI-enabled solutions

11. Support AI agent development and deployment across SOC use cases

12. Stay current on AI advancements and apply best practices to ongoing work

13. Mentors junior team members to improve their technical acumen

14. Participates in special projects and performs other duties as assigned.

qualifications:
4+ years of hands-on programming or scripting experience (e.g., Python, Java, Shell)

5+ years of experience with cloud platforms such as AWS or Microsoft Azure

4+ year of experience building or supporting automation solutions (e.g., SOAR, GitHub, or similar tools)

4+ years of experience working with security technologies or supporting SOC/security operations

Exposure to AI, GenAI, or LLM-based solutions, with hands-on development experience preferred

Familiarity with security telemetry (logs, alerts, endpoint, network, and cloud data)

5+ years of exposure to SIEM platforms or detection engineering concepts

Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.

At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact View email address on randstadusa.com.


Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).

This posting is open for thirty (30) days.

Any consideration of a background check would be an individualized assessment based on the applicant or employee's specific record and the duties and requirements of the specific job.