Description:
We are seeking a Senior Cybersecurity Engineer – ML SecOps for our Technology & IT Services Management team. Reporting to the Manager, Cybersecurity Operations, the Senior Cybersecurity Engineer – ML SecOps provides expert technical leadership in security operations, ML-driven detection engineering, SOAR (Security Orchestration, Automation, and Response) automation, and adversarial security testing, directly supporting next-generation SOC capabilities. This role leads complex incident investigations, advanced forensics, and threat hunting, while designing ML-enhanced detection models and automation pipelines to improve SOC efficiency. The engineer evaluates emerging AI/ML security technologies, conducts resilience testing, and supports major incident response with hands-on expertise and architectural guidance. As a technical authority within the Cybersecurity Operations team, they mentor junior staff, develop detection content, and drive continuous improvement to align ML-driven capabilities with evolving threats and regulatory standards. Their work is essential to advancing the organization’s 24x7 SOC strategy, enabling cyber defenders to operate with greater precision and intelligence.
As The Newest Member Of Our Team, You’ll
- Lead advanced security engineering initiatives across hybrid and cloud environments, delivering robust detections, continuous monitoring, forensics, and incident response capabilities.
- Develop sophisticated AI and ML-based detections, including behavioral analytics, anomaly models, and predictive SOC monitoring frameworks for emerging threats.
- Design and automate cross-platform SOAR workflows, Sentinel playbooks, enrichment pipelines, and containment logic to enhance SOC response efficiency.
- Architect, optimize, and scale Microsoft Sentinel through customized KQL analytics, UEBA models, and automation to reduce false positives.
- Maintain expert proficiency with EDR, SIEM, SOAR, and cloud-native tools such as CrowdStrike, Tenable, and Azure Defender.
- Lead intelligence-driven, hypothesis-based, and ML-assisted threat hunting operations to uncover emerging tactics and reduce attacker dwell time.
- Secure MLOps pipelines through governance controls, model validation, artifact integrity, CI/CD protection, and resilient retraining workflows.
- Enhance SOC effectiveness by developing new detections, reusable content, AI-driven playbooks, and modernized response processes across all tiers.
- Collaborate closely with Cloud, Identity, Data, and DevOps teams to embed detection logic and automated controls into enterprise platforms, while interacting with external vendors and Managed Security Service Providers (MSSPs).
- Act as a senior technical escalation point, performing in-depth analysis, forensics, and containment support during high-severity cybersecurity incidents.
To Succeed, You Bring
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent hands-on experience.
- A minimum of seven (7) to ten (10) years of progressive, hands-on cybersecurity experience in SOC operations, detection engineering, and incident response.
- A minimum of six (6) years of applied experience with ML/AI-driven security operations, including behavioral analytics, anomaly detection, and SOAR automation.
- Expert knowledge of security frameworks including MITRE ATT&CK, NIST AI RMF, and Zero Trust architectures.
- Proven ability to engineer and automate ML-augmented detection pipelines and integrate threat hunting into SOC workflows.
- Deep experience securing cloud-native infrastructure (Azure/AWS/GCP) and applying security automation via Python, PowerShell, or Bash.
- Hands-on experience in digital forensics (endpoint, cloud, malware) and supporting major incident response investigations.
- Background in securing MLOps pipelines, ensuring governance, model integrity, and CI/CD security for AI/ML workflows.
- Demonstrated ability to uplift SOC capabilities through reusable detection libraries, AI-enhanced frameworks, and mentoring junior staff.
- Industry certifications (CIH, GCFA, GNFA, GCFE, GCTI, GMON, GCDA, OSCP, OSCE, OSEP, CRTO; machine learning or cloud certifications such as AWS/Azure ML, TensorFlow, or Google Cloud Professional ML Engineer) are preferred.