JPC Partners
JPC Partners is looking for a Fractional ML Engineer or Data Scientist to help our Cybersecurity client analyze and model data from real-time network traffic logs (primarily Zeek conn.log, DNS logs, and NetFlow). Our goal is to extract actionable insights and build lightweight detection models for anomalous behavior, segmentation policy validation, and traffic classification.
You’ll be working with structured log data and should be comfortable designing and evaluating machine learning workflows that can scale or be embedded into lightweight data pipelines (e.g., Jupyter, Python, cloud-ready).
This is part-time/project-based, ideal for someone with a cybersecurity lens and ML fluency.
Responsibilities
Explore and model Zeek and/or NetFlow log data Help improve existing pipeline logic (cleaning, enrichment, labeling) Build and test supervised and unsupervised models for:
Traffic classification (e.g., system personality or app type) Anomaly detection (e.g., port scanning, lateral movement) Baseline behavior for network segmentation enforcement
Optionally develop output for visualization or SIEM dashboards Example Use Cases
Classify device types based on observed connection patterns Detect rogue internal services using legacy or high-risk ports Map internal east-west traffic to segmentation policy gaps Identify abnormal DNS behavior and data exfiltration attempts Required Skills
3 – 5+ years of professional experience in Data Science, Machine Learning Engineering, or a related field Demonstrated experience working with real-world datasets, model deployment, and production-grade ML workflows Desired Skills
Python (Pandas, Scikit-learn, Jupyter), some SQL Experience with GCP and implementing cloud-based ML systems Experience with Zeek, NetFlow, or PCAP-derived data Familiarity with cybersecurity principles (MITRE ATT&CK, segmentation, IDS logic) Bonus: TensorFlow/PyTorch, Docker, experience integrating with SIEMs or cloud logging platforms Experience with implementing LLMs in cloud production environments
#J-18808-Ljbffr
Responsibilities
Explore and model Zeek and/or NetFlow log data Help improve existing pipeline logic (cleaning, enrichment, labeling) Build and test supervised and unsupervised models for:
Traffic classification (e.g., system personality or app type) Anomaly detection (e.g., port scanning, lateral movement) Baseline behavior for network segmentation enforcement
Optionally develop output for visualization or SIEM dashboards Example Use Cases
Classify device types based on observed connection patterns Detect rogue internal services using legacy or high-risk ports Map internal east-west traffic to segmentation policy gaps Identify abnormal DNS behavior and data exfiltration attempts Required Skills
3 – 5+ years of professional experience in Data Science, Machine Learning Engineering, or a related field Demonstrated experience working with real-world datasets, model deployment, and production-grade ML workflows Desired Skills
Python (Pandas, Scikit-learn, Jupyter), some SQL Experience with GCP and implementing cloud-based ML systems Experience with Zeek, NetFlow, or PCAP-derived data Familiarity with cybersecurity principles (MITRE ATT&CK, segmentation, IDS logic) Bonus: TensorFlow/PyTorch, Docker, experience integrating with SIEMs or cloud logging platforms Experience with implementing LLMs in cloud production environments
#J-18808-Ljbffr