Cyber AI & Automation Lead Engineer

Join to apply for the Cyber AI & Automation Lead Engineer role at Tyto Athene, LLC

• Design, develop, and implement AI/ML models to process high-volume, real-time streaming data from NOC/SOC sources.
• Perform advanced feature engineering on raw network and security data to extract indicators of compromise and behavioral anomalies.
• Develop and integrate data ingestion pipelines from SIEM, EDR, NDR, and network devices into the AI/ML ecosystem.
• Develop and deploy AI/ML models for anomaly detection in network traffic, user behavior, system logs, and security events.
• Engineer solutions to identify sophisticated cyber threats and network anomalies with high accuracy and low false positives.
• Design and build intelligent automation playbooks and workflows to automate incident response, network configuration changes, threat containment, and remediation actions.
• Develop predictive models to anticipate network failures, security breaches, or performance bottlenecks, enabling proactive intervention.
• Implement AIOps solutions to centralize monitoring, intelligently correlate events, and recommend or execute automated resolutions for common operational issues.
• Create and enhance SOAR integrations that are AI/ML-driven, optimizing triage, investigation, and response times.
• Focus on reducing MTTD and MTTR for network incidents and cyber threats through AI/ML-driven insights and automation.
• Automate repetitive, low-value tasks performed by NOC/SOC analysts, freeing them to focus on complex investigations, threat hunting, and strategic initiatives.
• Develop systems for intelligent alert prioritization to reduce alert fatigue and enable analysts to focus on critical events.
• Implement robust MLOps practices for continuous integration, delivery, and training of AI/ML models in production.
• Monitor model performance, detect drift, and ensure ongoing accuracy and relevance of deployed models.
• Establish clear data governance and lineage for AI/ML models, ensuring explainability and auditability.
• Collaborate with NOC engineers, SOC analysts, network architects, and cybersecurity experts to integrate AI/ML seamlessly into existing workflows.
• Translate complex AI/ML concepts and results into actionable insights for operational teams.

• 10+ years building and delivering solutions for U.S. federal government customers.
• Bachelor’s Degree in Engineering, Computer Science, or related field (equivalent experience considered).
• Expertise with open‑source LLMs (Llama, Gemma, Qwen) and VLMs (Phi4, Qwen‑VL) using Hugging Face.
• Strong prompt engineering skills.
• Experience building RAG pipelines with Lang Chain or Llama Index.
• Hands‑on Docker, Kubernetes, Helm; model serving with vLLM or Triton.
• ML observability tools and vector databases (Qdrant, Milvus).
• Familiarity with Model Context Protocol (MCP), BeeAI Framework, and secure, real‑time data access methodologies.
• Real‑time streaming processing experience (Kafka, Flink, Spark Streaming, Kinesis).
• Cloud‑native data platform experience (AWS Kinesis/MSK/S3, Azure Event Hubs/Data Lake, GCP Pub/Sub/Big Query).
• Demonstrated NOC/SOC domain knowledge, network performance metrics, and cybersecurity concepts.
• Experience building automation scripts and integrating APIs for network and security tools.
• Agile and CI/CD practitioner with lean engineering practices.
• Strong analytical, problem‑solving, communication, and interpersonal skills.
• Knowledge of Go, Rust, or C++ for edge optimization.
• Active SECRET clearance required; highly desired.

• Ability to obtain a Secret clearance is required; an active Secret clearance is highly desired.

Mid‑Senior level

Full‑time

Information Technology

Computer and Network Security and Technology, Information and Media