Kerry Consulting

Lead, AI Security Engineer (SOC Analytics & Automation)

8-12 Years
  • Posted 10 days ago

Job Description

We are seeking an experienced Lead AI Security Engineer to drive the next evolution of our client's Security Operations capabilities through advanced detection engineering, machine learning integration, and AI-powered analytics.

This role will lead the design and deployment of AI/ML-driven detection models, automation frameworks, and intelligent investigation workflows to enhance threat detection accuracy, reduce false positives, and accelerate response times.

The ideal candidate combines strong security engineering expertise with applied machine learning experience and a deep understanding of SOC operations.

Responsibilities:

AI-Driven Detection Strategy

  • Define and execute the roadmap for integrating AI/ML into SOC detection and response workflows
  • Identify high-value use cases for behavioural analytics, anomaly detection, and predictive threat modeling
  • Translate threat intelligence and attack patterns into data-driven detection models

Machine Learning & Data Engineering

  • Design, develop, and deploy ML models for:
      • Anomaly detection (user behaviour, network activity, privilege misuse)
      • Insider threat detection
      • Fraud and abuse detection
  • Work closely with data engineers to build scalable pipelines for telemetry ingestion and feature engineering
  • Ensure models are explainable, auditable, and aligned with regulatory expectations

Advanced Detection Engineering

  • Develop and tune detection logic across SIEM, XDR, EDR, and cloud-native platforms
  • Map detections to the MITRE ATT&CK framework
  • Reduce alert fatigue through intelligent enrichment and contextual scoring
  • Validate detection effectiveness through adversary simulation and red team exercises

Automation & SOAR Enablement

  • Lead automation initiatives to enhance triage, enrichment, and response workflows
  • Develop playbooks integrating AI-based decision support
  • Optimise response times and analyst efficiency through automation

SOC Modernisation & Platform Engineering

  • Evaluate emerging AI security technologies and vendors
  • Improve telemetry strategy to ensure high-quality data inputs for ML models
  • Drive integration across cloud, endpoint, identity, and network security platforms

Experience:

  • 8-12 years in cybersecurity, with strong experience in SOC, detection engineering, or threat hunting
  • Hands-on experience applying ML techniques within security operations environments
  • Experience in large enterprise or regulated environments preferred

To apply:

If you are interested in applying or would like to find out more, please send your CV to or contact Chen Yi at [Confidential Information] for a discussion. Due to the anticipated high volume of applications, we regret that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060

Job ID: 142482745