Skip to content
mimi

Principal Cybersecurity Detection Engineer AI Driven Threats

Smksoft

Vienna · Hybrid Full-time Lead 1mo ago

About the role

AI & Emerging Threat Detection

  • Serve as the senior technical subject matter expert for AI-focused threat detection within the CSOC.
  • Design, develop, deploy, and maintain advanced detection content across SIEM and security platforms to identify AI-enabled and emerging attack techniques.
  • Engineer high-confidence detections using complex query languages and techniques (SPL, KQL, regex, YARA, macros, lookups) across on-premises, hybrid, and cloud environments.
  • Continuously evaluate detection coverage and fidelity, tuning or retiring content as adversary tactics, data sources, and operational needs evolve.
  • Research emerging AI and advanced technology threats (e.g., prompt injection, model poisoning, adversarial AI, data exposure) and translate them into actionable detection strategies.
  • Align detection use cases to industry frameworks such as MITRE ATT&CK, MITRE ATLAS, and NIST CSF.
  • Partner with threat intelligence, detection engineering, threat hunting, red team, and architecture teams to proactively strengthen detection capabilities.
  • Support proofs of concept and pilots that apply AI to detection engineering and SOC operations, ensuring solutions deliver measurable operational value.
  • Mentor and guide senior detection engineers and analysts on AI threat concepts and advanced detection strategies.
  • Communicate complex technical findings clearly to technical teams, leadership, and executive stakeholders.

Required Qualifications

  • 7+ years of experience in cybersecurity operations, detection engineering, or SIEM engineering in a senior individual contributor role.
  • Advanced expertise in detection engineering across the full content lifecycle (design, testing, deployment, tuning, and decommissioning).
  • Hands-on experience applying AI or machine learning capabilities within SOC or detection workflows.
  • Familiarity with AI security frameworks (e.g., MITRE ATLAS, OWASP AI Security).
  • Advanced proficiency with SIEM query languages and multi-source telemetry across on-prem, cloud (IaaS/PaaS/SaaS), and hybrid environments.
  • Strong understanding of adversary TTPs, including emerging AI-enabled threats.
  • Demonstrated ability to analyze large-scale log and telemetry datasets to identify threats and detection gaps.
  • Strong communication skills, with the ability to present complex technical concepts to both technical and non-technical audiences.

Preferred Qualifications

  • Experience leading or contributing to AI-focused SOC pilots, automation initiatives, or advanced detection programs.
  • Relevant certifications (e.g., CISSP, CySA+, CASP+, CCSP) or comparable credentials.
  • Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related field.

Skills

AIKQLMITRE ATT&CKMITRE ATLASNIST CSFOWASPRegexSIEMSPLYARA

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free