Principal Cybersecurity Detection Engineer AI Driven Threats

Job Description

Company: SMKSoft Inc

Location: Vienna, US

Role: Principal Cybersecurity Detection Engineer AI Driven Threats

Hybrid Role in Vienna, VA or Winchester, VA or Pensacola, FL

JD:
Key ResponsibilitiesAI & Emerging Threat Detection
• Serve as the senior technical subject matter expert for AI-focused threat detection within the CSOC.
• Design, develop, deploy, and maintain advanced detection content across SIEM and security platforms to identify AI-enabled and emerging attack techniques.
• Engineer high-confidence detections using complex query languages and techniques (SPL, KQL, regex, YARA, macros, lookups) across on-premises, hybrid, and cloud environments.
• Continuously evaluate detection coverage and fidelity, tuning or retiring content as adversary tactics, data sources, and operational needs evolve.
• Research emerging AI and advanced technology threats (e.g., prompt injection, model poisoning, adversarial AI, data exposure) and translate them into actionable detection strategies.
• Align detection use cases to industry frameworks such as MITRE ATT&CK, MITRE ATLAS, and NIST CSF.
• Partner with threat intelligence, detection engineering, threat hunting, red team, and architecture teams to proactively strengthen detection capabilities.
• Support proofs of concept and pilots that apply AI to detection engineering and SOC operations, ensuring solutions deliver measurable operational value.
• Mentor and guide senior detection engineers and analysts on AI threat concepts and advanced detection strategies.
• Communicate complex technical findings clearly to technical teams, leadership, and executive stakeholders.
Required Qualifications
• 7+ years of experience in cybersecurity operations, detection engineering, or SIEM engineering in a senior individual contributor role.
• Advanced expertise in detection engineering across the full content lifecycle (design, testing, deployment, tuning, and decommissioning).
• Hands-on experience applying AI or machine learning capabilities within SOC or detection workflows.
• Familiarity with AI security frameworks (e.g., MITRE ATLAS, OWASP AI Security).
• Advanced proficiency with SIEM query languages and multi-source telemetry across on-prem, cloud (IaaS/PaaS/SaaS), and hybrid environments.
• Strong understanding of adversary TTPs, including emerging AI-enabled threats.
• Demonstrated ability to analyze large-scale log and telemetry datasets to identify threats and detection gaps.
• Strong communication skills, with the ability to present complex technical concepts to both technical and non-technical audiences.
Preferred Qualifications
• Experience leading or contributing to AI-focused SOC pilots, automation initiatives, or advanced detection programs.
• Relevant certifications (e.g., CISSP, CySA+, CASP+, CCSP) or comparable credentials.
• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related field.

Source: LinkedIn