ClearanceJobs
Security Engineer - AI & SOAR Integration
ClearanceJobs, Joint Base Pearl Harbor Hickam, Hawaii, United States
SOSi is searching for a Security Engineer - AI & SOAR Integration to join a trailblazing cyber team in Hawaii, where cutting-edge innovation powers mission-critical defense. Supporting INDOPACOM warfighters with secure, multi-enclave Coalition connectivity through advanced Desktop as a Service (DaaS) Private Cloud technology, this team has rapidly evolved from a bold proof of concept into a vital platform.

As a Security Engineer, you'll lead the charge in deploying and fine-tuning AI-driven detection and response systems and SOAR automation pipelines, ensuring they're robust, efficient, and compliant. Working closely with analysts, detection engineers, and leadership, you'll drive efforts to reduce analyst fatigue, boost threat detection, and speed up incident response across a uniquely complex cyber environment. If you're ready to pioneer the future of cyber defense and make a tangible impact, this is your mission.

Essential Job Duties
Deploy, configure, and maintain AI-enabled monitoring and response platforms to support analyst operations and after-hours coverage.
Develop and tune SOAR automation pipelines for triage, containment, escalation, and recovery.
Ensure automation logic is explainable, logged, and compliant with DoD and NSOC SOPs.
Integrate AI workflows with SIEM, EDR, and NTA telemetry for real-time monitoring and enrichment.
Validate AI-assisted detections with analyst feedback, adjusting rules to reduce false positives.
Serve as Tier 3 escalation point for automation- or tool-related incidents.
Provide forensic data and log enrichment to support containment and response.
Collaborate with Detection Engineers to build and validate custom detection rules and playbooks.
Maintain current knowledge of emerging AI/automation technologies, threats, and adversary tactics.
Participate in tabletop and live security exercises to validate AI & SOAR readiness.
Document engineering changes, playbook updates, and lessons learned for continuous improvement.

Minimum Requirements
Active in scope SECRET clearance or the ability to obtain SECRET eligibility.
Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related discipline (or equivalent experience/certifications).
5+ years of cybersecurity engineering or SOC/NSOC experience.
DoD 8140 Intermediate certification (GFACT or CEH or Cloud+ or CySA+ or PenTest+ or SSCP or Security+ or GSEC).
Hands-on experience with SIEM, EDR, SOAR platforms.
Scripting/automation experience (Python, PowerShell, REST APIs).
Strong written and verbal communication skills for reporting, documentation, and escalation.

Preferred Qualifications
Active Top Secret clearance with ability to obtain/maintain TS/SCI.
Prior experience working with AI-enabled SOC platforms or AI/ML-assisted detection technologies.
Experience designing or managing SOAR workflows (Cortex XSOAR, Splunk SOAR, Phantom, etc.).
Vendor certifications (Elastic Certified Engineer, Palo Alto, Tenable, Splunk, etc.).
Advanced cybersecurity certifications (GCIA, GCTI, CEH, or GCIH).

Work Environment
Location: Hawaii NSOC.
Schedule: 10-hour shifts, 4 days per week, with Wednesday reserved for cross-team training.
Fast-paced, mission-critical environment requiring flexibility to support off-hours escalations.
Relocation packages may include a two-year commitment.

Working at SOSi
All interested individuals will receive consideration and will not be discriminated against for any reason.