AI Agent Engineer – Security Operations

Job Title: AI Agent Engineer – Security Operations (SOC Automation)

Location: Malvern, PA
Duration: 12+ Months

Job Summary:

We are seeking a highly skilled AI Agent Engineer to build and deploy AI-driven security automation solutions within Security Operations (SOC) environments. The ideal candidate will design intelligent LLM-powered agents for alert triage, threat detection, and incident response, integrating seamlessly with SOC tools and enabling adaptive, autonomous security workflows.

Key Responsibilities:

• Design and build AI agents using LLMs/ML for:
  • Alert triage
  • Incident summarization
  • Threat hunting
• Implement agent frameworks such as:
  • LangChain, AutoGen, CrewAI, Semantic Kernel
• Develop autonomous decision logic and adaptive playbooks

• Integrate AI solutions with:
  • SIEM/SOAR tools (Elastic, Tines)
  • EDR platforms
  • Threat Intelligence systems
• Enable AI-driven SOC automation workflows

• Apply NLP/LLM techniques to process:
  • Logs, alerts, and threat intelligence data
• Build contextual insights and correlation models using:
  • Vector databases and knowledge graphs

• Develop Python-based applications using:
  • API-driven and event-based architectures
• Design scalable systems to handle high-volume security telemetry:
  • Network, endpoint, cloud logs

• Align detection and response workflows with:
  • MITRE ATT&CK framework
• Implement human-in-the-loop controls for AI decision-making
• Ensure security, compliance, and auditability of AI-driven actions

Required Skills & Experience:

• 8–10 years of overall IT experience
• Strong hands-on experience in:
  • AI/ML & LLM-based agent development
  • Python programming (advanced)
• Experience with:
  • SOC tools (SIEM/SOAR, EDR, Threat Intelligence platforms)
  • Agent frameworks (LangChain, AutoGen, CrewAI, Semantic Kernel)
• Strong knowledge of:
  • NLP and LLM applications
  • Vector databases & knowledge graphs
• Experience with:
  • API-based and event-driven architectures
• Familiarity with:
  • MITRE ATT&CK framework
  • Security telemetry and log analysis

Technical Skills:

• Python
• AI Agents / LLM / NLP
• Cyber Security (SOC, SIEM, SOAR, EDR)
• LangChain / AutoGen / CrewAI / Semantic Kernel
• Vector Databases / Knowledge Graphs

Preferred Qualifications:

• Experience with:
  • Symantec Endpoint Protection / EDR tools
• Exposure to:
  • Cloud security environments (AWS / Azure / Google Cloud Platform)
• Strong analytical and problem-solving skills
• Excellent communication and stakeholder collaboration abilities

Key Deliverables:

• Intelligent and scalable AI-driven SOC automation solutions
• Improved incident response time and threat detection accuracy
• Robust agent-based security workflows and playbooks
• High-quality, secure, and reliable AI integrations with SOC tools