SOS International LLC
Security Engineer AI & SOAR Integration
SOS International LLC, Joint Base Pearl Harbor Hickam, Hawaii, United States
Overview:
SOSi is seeking a
Security Engineer AI & SOAR Integration
to join our forward-leaning cyber team in
Hawaii , where mission meets innovation. This team delivers secure, multi-enclave Coalition connectivity to
INDOPACOM warfighters , powered by cutting-edge
Desktop as a Service (DaaS)
Private Cloud technology. From its early proof of concept to a mature, mission-critical platform, the team has evolved rapidlyand now needs a sharp, motivated engineer to take cyber defense to the next level. Youll lead the deployment, tuning, and maintenance of
AI-assisted detection and response platforms
and
SOAR automation pipelines , ensuring theyre resilient, effective, and compliant. Collaborating closely with Cyber Defense Analysts, Detection Engineers, and leadership, youll help reduce analyst fatigue, strengthen threat detection, and accelerate incident response across a uniquely complex enterprise. Responsibilities: The Security Engineer will use data collected from SIEM, SOAR, EDR, and NTA tools to integrate, automate, and optimize NSOC defensive capabilities. Core duties include: Deploy, configure, and maintain
AI-enabled monitoring and response platforms
to support analyst operations and after-hours coverage. Develop and tune
SOAR automation pipelines
for triage, containment, escalation, and recovery. Ensure automation logic is explainable, logged, and compliant with DoD and NSOC SOPs. Integrate AI workflows with SIEM, EDR, and NTA telemetry for real-time monitoring and enrichment. Validate AI-assisted detections with analyst feedback, adjusting rules to reduce false positives. Serve as Tier 3 escalation point for automation- or tool-related incidents. Provide forensic data and log enrichment to support containment and response. Collaborate with Detection Engineers to build and validate custom detection rules and playbooks. Maintain current knowledge of emerging AI/automation technologies, threats, and adversary tactics. Participate in tabletop and live security exercises to validate AI & SOAR readiness. Document engineering changes, playbook updates, and lessons learned for continuous improvement. Qualifications:
Active in scope SECRET clearance. Bachelors Degree in Cybersecurity, Computer Science, Information Systems, or related discipline (or equivalent experience/certifications). 5+ years of cybersecurity engineering or SOC/NSOC experience. DoD 8140 Intermediate certification (GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSEC). Hands-on experience with SIEM, EDR, SOAR platforms. Scripting/automation experience (Python, PowerShell, REST APIs). Strong written and verbal communication skills for reporting, documentation, and escalation. Preferred Qualifications:
Active Top Secret clearance with ability to obtain/maintain TS/SCI. Prior experience working with
AI-enabled SOC platforms
or AI/ML-assisted detection technologies. Experience designing or managing SOAR workflows (Cortex XSOAR, Splunk SOAR, Phantom, etc.). Vendor certifications (Elastic Certified Engineer, Palo Alto, Tenable, Splunk, etc.). Advanced cybersecurity certifications (GCIA, GCTI, CEH, or GCIH). Working Conditions:
Location:
Hawaii NSOC. Schedule:
10-hour shifts, 4 days per week, with Wednesday reserved for cross-team training. Fast-paced, mission-critical environment requiring flexibility to support off-hours escalations. relocation packages may include a two-year commitment.
SOSi is seeking a
Security Engineer AI & SOAR Integration
to join our forward-leaning cyber team in
Hawaii , where mission meets innovation. This team delivers secure, multi-enclave Coalition connectivity to
INDOPACOM warfighters , powered by cutting-edge
Desktop as a Service (DaaS)
Private Cloud technology. From its early proof of concept to a mature, mission-critical platform, the team has evolved rapidlyand now needs a sharp, motivated engineer to take cyber defense to the next level. Youll lead the deployment, tuning, and maintenance of
AI-assisted detection and response platforms
and
SOAR automation pipelines , ensuring theyre resilient, effective, and compliant. Collaborating closely with Cyber Defense Analysts, Detection Engineers, and leadership, youll help reduce analyst fatigue, strengthen threat detection, and accelerate incident response across a uniquely complex enterprise. Responsibilities: The Security Engineer will use data collected from SIEM, SOAR, EDR, and NTA tools to integrate, automate, and optimize NSOC defensive capabilities. Core duties include: Deploy, configure, and maintain
AI-enabled monitoring and response platforms
to support analyst operations and after-hours coverage. Develop and tune
SOAR automation pipelines
for triage, containment, escalation, and recovery. Ensure automation logic is explainable, logged, and compliant with DoD and NSOC SOPs. Integrate AI workflows with SIEM, EDR, and NTA telemetry for real-time monitoring and enrichment. Validate AI-assisted detections with analyst feedback, adjusting rules to reduce false positives. Serve as Tier 3 escalation point for automation- or tool-related incidents. Provide forensic data and log enrichment to support containment and response. Collaborate with Detection Engineers to build and validate custom detection rules and playbooks. Maintain current knowledge of emerging AI/automation technologies, threats, and adversary tactics. Participate in tabletop and live security exercises to validate AI & SOAR readiness. Document engineering changes, playbook updates, and lessons learned for continuous improvement. Qualifications:
Active in scope SECRET clearance. Bachelors Degree in Cybersecurity, Computer Science, Information Systems, or related discipline (or equivalent experience/certifications). 5+ years of cybersecurity engineering or SOC/NSOC experience. DoD 8140 Intermediate certification (GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSEC). Hands-on experience with SIEM, EDR, SOAR platforms. Scripting/automation experience (Python, PowerShell, REST APIs). Strong written and verbal communication skills for reporting, documentation, and escalation. Preferred Qualifications:
Active Top Secret clearance with ability to obtain/maintain TS/SCI. Prior experience working with
AI-enabled SOC platforms
or AI/ML-assisted detection technologies. Experience designing or managing SOAR workflows (Cortex XSOAR, Splunk SOAR, Phantom, etc.). Vendor certifications (Elastic Certified Engineer, Palo Alto, Tenable, Splunk, etc.). Advanced cybersecurity certifications (GCIA, GCTI, CEH, or GCIH). Working Conditions:
Location:
Hawaii NSOC. Schedule:
10-hour shifts, 4 days per week, with Wednesday reserved for cross-team training. Fast-paced, mission-critical environment requiring flexibility to support off-hours escalations. relocation packages may include a two-year commitment.