Senior/Staff/Principal AI/ML Engineer - Threat Detection Engineering

4 weeks, 2 days ago
Full-time
Lead
Artificial Intelligence and Machine Learning
Appgate

Appgate is the secure access company empowering secure connections with Zero Trust principles for people, devices, and systems.

Professional Services
251-1K
Founded 2020

Description

  • Design and implement detection algorithms across authentication, authorization, network/location, data access, session management, and behavioral domains.
  • Build threat detection models and systems to identify identity compromise, privilege escalation, impossible travel, data exfiltration, and other threats.
  • Develop and deploy anomaly detection models such as Isolation Forest, One-Class SVM, and autoencoder neural networks.
  • Design explainable risk aggregation and scoring systems that correlate detection signals into dynamic user, device, and session risk scores.
  • Build scalable, low-latency streaming pipelines for real-time processing of ZTNA audit logs and security telemetry.
  • Architect and operate the end-to-end detection pipeline from log ingestion through risk aggregation and enforcement integration.
  • Define and maintain the detection taxonomy and lifecycle for the broader detection library.
  • Measure and improve signal quality by tracking MTTD, false positives, and MITRE ATT&CK coverage.
  • Partner with red teams to validate detections against realistic attack scenarios.
  • Collaborate with security, product, and platform engineering to align detection coverage with customer threat models and roadmap priorities.

Requirements

  • 7+ years of production AI/ML engineering experience.
  • Experience building threat detection, UEBA, ITDR, or identity security platforms, preferably at leading security or cloud companies.
  • Hands-on experience designing detections for identity-based threats such as credential compromise, privilege escalation, insider activity, behavioral anomalies, and data exfiltration.
  • Experience building AI-powered security systems using large language models, deep learning, and agentic AI techniques.
  • Real-time or near-real-time streaming pipeline experience with Kafka, Flink, Spark Streaming, or equivalent.
  • Familiarity with lakehouse formats such as Apache Iceberg or Parquet.
  • Knowledge of MITRE ATT&CK, identity threat kill chains, ZTNA or network access control systems, and audit log analysis.
  • Experience with detection-as-code frameworks such as Sigma or YARA is a bonus.
  • Experience applying LLMs or GNNs to security is a bonus.
  • Publications at USENIX, CCS, NeurIPS, or ICML are a bonus.
