Senior/Staff/Principal AI/ML Engineer - Threat Detection Engineering

1 month, 3 weeks ago
Full-time
Lead
Artificial Intelligence and Machine Learning
Appgate

Appgate

Appgate is the secure access company empowering secure connections with Zero Trust principles for people, devices, and systems.

Professional Services
251-1K
Founded 2020

Description

  • Design and implement detection algorithms across authentication, authorization, network/location, data access, session management, and behavioral domains.
  • Build threat detection models and systems to identify identity compromise, privilege escalation, impossible travel, data exfiltration, and other threats.
  • Develop and deploy anomaly detection models such as Isolation Forest, One-Class SVM, and autoencoder neural networks.
  • Design explainable risk aggregation and scoring systems that correlate detection signals into dynamic user, device, and session risk scores.
  • Build scalable, low-latency streaming pipelines for real-time processing of ZTNA audit logs and security telemetry.
  • Architect and operate the end-to-end detection pipeline from log ingestion through risk aggregation and enforcement integration.
  • Define and maintain the detection taxonomy and lifecycle for the broader detection library.
  • Measure and improve signal quality by tracking MTTD, false positives, and MITRE ATT&CK coverage.
  • Partner with red teams to validate detections against realistic attack scenarios.
  • Collaborate with security, product, and platform engineering to align detection coverage with customer threat models and roadmap priorities.

Requirements

  • 7+ years of production AI/ML engineering experience.
  • Experience building threat detection, UEBA, ITDR, or identity security platforms, preferably at leading security or cloud companies.
  • Hands-on experience designing detections for identity-based threats such as credential compromise, privilege escalation, insider activity, behavioral anomalies, and data exfiltration.
  • Experience building AI-powered security systems using large language models, deep learning, and agentic AI techniques.
  • Real-time or near-real-time streaming pipeline experience with Kafka, Flink, Spark Streaming, or equivalent.
  • Familiarity with lakehouse formats such as Apache Iceberg or Parquet.
  • Knowledge of MITRE ATT&CK, identity threat kill chains, ZTNA or network access control systems, and audit log analysis.
  • Experience with detection-as-code frameworks such as Sigma or YARA is a bonus.
  • Experience applying LLMs or GNNs to security is a bonus.
  • Publications at USENIX, CCS, NeurIPS, or ICML are a bonus.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

ML Engineering Lead

SPD Technology Internet Software & Services

SPD Technology is hiring a Machine Learning Engineering Lead to build and deliver production-grade ML services for PitchBook, bridging data science and enterprise software engineering on a collaborative, flexible team.

Agile AWS Elasticsearch FastAPI GCP GitOps Grafana Java Kafka Kubeflow Machine Learning Microservices MLflow Prometheus Python PyTorch Redis SageMaker Scrum SQL TensorFlow
16 hours, 55 minutes ago

Senior Go Security

Coforge 10K-50K IT Services

Coforge is hiring a Senior Go Security engineer in Costa Rica to build and improve a cybersecurity platform’s backend and cloud-native services.

BDD CI/CD Cybersecurity Docker GCP Generative AI GitOps Go gRPC Kafka Kubernetes LLM Microservices Penetration Testing REST API
17 hours, 10 minutes ago

Senior Agentic AI Engineer

CodeRoad 51-250 Internet Software & Services

Coderoad is hiring a remote Agentic AI Engineer in LATAM to build and deploy AI prototypes for its procurement platform and related products within an AWS-based environment.

AWS CI/CD Machine Learning Python
17 hours, 10 minutes ago

Senior Infrastructure & Security Engineer

nuview.space 1-10 Wireless Telecommunication Services

NuView IT is seeking a Senior Network/Cloud/Systems Engineer to provide Tier 3 technical delivery, escalation support, and security-focused infrastructure services across client environments.

Active Directory Azure CrowdStrike HIPAA Windows Server
17 hours, 10 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers