Senior Staff Engineer (AI Developer SOC Automation)

Job Description

Requirements

• Experience : 7.5+ years
• Strong experience in software engineering, AI/ML development, or automation engineering, including hands-on experience building AI/ML solutions.
• Strong programming expertise in Python with experience using AI/ML libraries such as Pandas, NumPy, Scikit-learn, PyTorch, or TensorFlow.
• Hands-on experience developing AI-powered automation using Large Language Models (LLMs), Azure OpenAI, OpenAI APIs, and prompt engineering techniques.
• Experience designing and implementing Retrieval-Augmented Generation (RAG) solutions for enterprise AI applications.
• Strong knowledge of Microsoft Azure services including Azure Machine Learning, Azure Functions, Logic Apps, Azure Event Hub, and Microsoft Sentinel.
• Experience developing REST APIs and microservices using FastAPI or Flask.
• Hands-on experience integrating AI solutions with SIEM, SOAR, security monitoring, and ticketing platforms.
• Good understanding of cybersecurity fundamentals including SIEM concepts, security monitoring, attack patterns, threat detection, MITRE ATT&CK framework, and log analysis.
• Experience building AI-powered alert automation, incident response workflows, and threat intelligence solutions.
• Familiarity with cloud platforms including Microsoft Azure, AWS, and Google Cloud Platform.
• Working knowledge of Git, Docker, CI/CD pipelines, containerization, and modern software development practices.
• Experience with Azure Sentinel Analytics Rules, Playbooks, Workbooks, or similar security automation capabilities is preferred.
• Familiarity with SOAR platforms such as Microsoft Sentinel SOAR, LogRhythm SIEM, or equivalent security orchestration solutions.
• Knowledge of Google Cloud services including Security Command Center, Pub/Sub, and BigQuery is an advantage.
• Experience using LLM orchestration frameworks such as LangChain, Semantic Kernel, or equivalent AI frameworks is desirable.
• Familiarity with Azure AI Search (Cognitive Search), vector databases, and semantic search capabilities is preferred.
• Understanding of on-premises SIEM platforms and enterprise log aggregation tools is an added advantage.
• Strong analytical, troubleshooting, and problem-solving skills with the ability to build scalable AI-powered security automation solutions.
• Excellent communication and collaboration skills with experience working in Agile and cross-functional engineering teams.
• Bachelor's degree in Computer Science, Information Technology, Engineering, MCA, or a related discipline.
• Professional certifications such as Microsoft SC-200, AZ-900, CEH, CompTIA Security+, or equivalent cloud and cybersecurity certifications are desirable.

Responsibilities

• Design, develop, and maintain AI-powered automation solutions to enhance Security Operations Center (SOC) workflows, including alert classification, anomaly detection, threat prioritization, and incident response.
• Build AI-powered security agents and bots that automate alert triage, investigation, and remediation processes.
• Develop and fine-tune NLP and machine learning models for log parsing, alert summarization, phishing detection, Indicator of Compromise (IOC) extraction, and threat intelligence analysis.
• Design and implement feature engineering pipelines to process security telemetry from cloud and on-premises monitoring platforms, including Microsoft Sentinel, GCP Security Command Center, Trend Micro XDR, and SIEM solutions.
• Build and optimize Retrieval-Augmented Generation (RAG) pipelines that leverage enterprise threat intelligence repositories, knowledge bases, and security playbooks.
• Develop, evaluate, and optimize LLM-powered security use cases through prompt engineering, model evaluation, and continuous performance improvement.
• Develop Azure Functions, Logic Apps, and Python-based automation to streamline alert enrichment, incident routing, notification workflows, and security operations.
• Build and maintain integrations with SIEM, SOAR, ticketing, monitoring, and security platforms using REST APIs, FastAPI, and custom connectors.
• Integrate AI-generated insights with incident management systems to automate ticket creation, prioritization, and status tracking.
• Develop Python-based APIs and microservices to expose AI capabilities for enterprise security applications.
• Consume, normalize, and process event streams from Azure Event Hub, GCP Pub/Sub, cloud platforms, and on-premises log sources.
• Develop unit tests, integration tests, and participate in peer code reviews to ensure secure, scalable, and high-quality software delivery.
• Monitor AI model performance, detect model drift, maintain dashboards, and continuously improve model accuracy using MLOps best practices.
• Maintain CI/CD pipelines for AI model deployment, automation releases, and infrastructure updates.
• Prepare technical documentation including API specifications, architecture diagrams, deployment guides, operational runbooks, and data models.
• Collaborate closely with SOC analysts, cybersecurity engineers, cloud teams, DevOps engineers, and data scientists to continuously improve AI-driven security automation.

Qualifications

Bachelor’s or master’s degree in computer science, Information Technology, or a related field.