Lead Security Engineer – Defensive Cyber AI & Infrastructure (DCAI)
Join to apply for the Lead Security Engineer – Defensive Cyber AI & Infrastructure (DCAI) role at SOSi
Lead Security Engineer – Defensive Cyber AI & Infrastructure (DCAI)
1 day ago Be among the first 25 applicants
Join to apply for the Lead Security Engineer – Defensive Cyber AI & Infrastructure (DCAI) role at SOSi
Get AI-powered advice on this job and more exclusive features.
Sr Talent Acquisition Strategist for SOSi | Cleared | Looking for Cleared IT Candidates | A Seeker of Awesome People!
SOSi is seeking a skilled Lead Security Engineer – Defensive Cyber AI & Infrastructure (DCAI) to spearhead the integration of AI-powered defense , SOAR automation , and advanced cyber infrastructure in support of mission-critical operations for INDOPACOM warfighters . Based in Hawaii , our team delivers secure, multi-enclave Coalition connectivity through cutting-edge Desktop as a Service (DaaS) Private Cloud technology.
From its inception as a proof of concept, the platform has evolved into a robust cyber ecosystem. Now, we need a senior engineering leader to drive innovation and resilience. You’ll lead a team of engineers focused on deploying, tuning, and maintaining AI-assisted detection and response platforms and SOAR pipelines , ensuring automation is smart, scalable, and secure. This role bridges operations and engineering—collaborating with analysts, detection engineers, and NSOC leadership to reduce analyst fatigue, sharpen threat detection, and accelerate incident response.
- Lead the DCAI engineering team , assigning priorities, mentoring junior engineers, and ensuring effective tool and automation performance.
- Direct the deployment, configuration, and tuning of AI-enabled monitoring and response platforms to support analyst operations and after-hours coverage.
- Oversee the development and refinement of SOAR automation pipelines for triage, containment, escalation, and recovery.
- Act as the final technical escalation point for AI/automation issues, tool malfunctions, or advanced forensic requirements.
- Ensure automation logic is explainable, logged, and compliant with DoD cybersecurity standards, RMF, and NSOC SOPs.
- Collaborate with Detection Engineers to define, validate, and optimize custom rules, detections, and playbooks.
- Serve as engineering liaison to the NSOC Director and Senior CDA Lead, aligning automation with operational priorities.
- Validate AI-assisted detections with analyst input, adjusting models/rules to minimize false positives and maximize fidelity.
- Drive continuous improvement of NSOC engineering practices through post-incident reviews, lessons learned, and capability development.
- Maintain awareness of emerging AI/automation technologies, adversary tactics, and best practices to ensure the NSOC remains cutting-edge.
- Participate in tabletop and live security exercises, ensuring DCAI systems and staff can support full-spectrum incident response.
- Active in scope SECRET clearance or the ability to obtain SECRET eligibility.
- Bachelor’s Degree in Cybersecurity, Computer Science, Information Systems, or related field; equivalent work experience/certifications considered.
- 7+ years of experience in cybersecurity engineering, SOC/NSOC operations, or defensive tool management.
- 2+ years of experience in a leadership or technical lead role.
- DoD 8140 Intermediate certification (GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSEC).
- Hands-on experience with SIEM, SOAR, EDR, and NTA platforms.
- Proven ability to lead teams, mentor staff, and manage priorities in a mission-critical environment.
Preferred Qualifications
- Active Top Secret clearance with ability to obtain/maintain TS/SCI.
- Prior experience with AI-enabled SOC platforms or AI/ML-assisted detection technologies.
- Experience building or managing SOAR workflows (Cortex XSOAR, Splunk SOAR, Phantom, etc.).
- Vendor certifications (Elastic Certified Engineer, Splunk, Palo Alto, Tenable, etc.).
- Advanced certifications (GCIA, GCTI, GCIH, CISSP).
- Schedule: Core-hour leadership (Mon–Fri) with on-call responsibilities for escalations and AI/automation incidents.
- Environment: Fast-paced, mission-critical operations requiring flexibility for off-hours support.
- Relocation packages may include a two-year commitment.
Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason.
Seniority level
Seniority level
Mid-Senior level
Employment type
Employment type
Full-time
Job function
Job function
Information TechnologyIndustries
Defense and Space Manufacturing
Referrals increase your chances of interviewing at SOSi by 2x
Inferred from the description for this job
Medical insurance
Vision insurance
401(k)
Paid maternity leave
Paid paternity leave
Tuition assistance
Disability insurance
Get notified when a new job is posted.
Sign in to set job alerts for “Security Engineer” roles.
Security Administrator 1 (Industrial Security Analyst 1) 23095
Aiea, HI $47,447.00-$68,000.00 3 months ago
Security Administrator 1 (Industrial Security Analyst 1) 23095
Aiea, HI $47,447.00-$68,000.00 3 months ago
Security Administrator 2 (Industrial Security Analyst 3) 23096
Hawaii, United States $75,616.00-$110,000.00 3 months ago
Security Administrator 2 (Industrial Security Analyst 3) 23096
Hawaii, United States $75,616.00-$110,000.00 3 months ago
Information Systems Security Engineer (ISSE)
Information Systems Security Engineer (ISSE)
Information Systems Security Engineer L2
Kailua, HI $130,000.00-$150,000.00 1 week ago
Threat Response Engineer, Security Operations
Security Analyst, 2nd Shift (Honolulu, Hawaii)
Linux Cryptography and Security Engineer
Security Administrator 1 (Industrial Security Analyst 1) 23095
Information System Security Officer/Cyber Analyst - Service in Hawaii
Honolulu, HI $100,000.00-$105,000.00 1 month ago
Security Administrator 2 (Industrial Security Analyst 3) 23096
Hickam Village, HI $75,616.00-$110,000.00 3 days ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr