The AI Threat Detection Engineer, Senior Specialist is responsible for developing and implementing AI-driven capabilities that enhance Security Operations Center (SOC) effectiveness. This role focuses on building automation and intelligent solutions to improve threat detection, streamline workflows, and reduce manual effort. Working closely with senior engineers and cross-functional teams, this individual contributes to the delivery of secure, scalable solutions that support SOC modernization.
Core Responsibilities - Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations. Identifies real-time complex attack patterns and suggests mitigation strategies.
- Leads the processes, tools and measures to monitor and detect compromises, risks, vulnerabilities, network security threats, tools and tactics used by modern and emerging threat actors. Facilitates security operations and incident response technologies and methodologies.
- Develops, manages, maintains and enhances security controls (alerts, rules, policies, and signatures) for the security platforms.
- Develop and enhance AI agents to streamline SOC operations and improve efficiency
- Design and optimize prompts and workflows to support LLM-based security use cases
- Evaluate emerging AI technologies and contribute to innovation within the SOC
- Implement safeguards and controls to ensure secure and responsible AI usage
- Build APIs, integrations, and automation workflows to support AI-driven capabilities
- Write clean, maintainable, and production-ready code aligned with engineering best practices
- Collaborate with security, engineering, and platform teams to deliver AI-enabled solutions
- Support AI agent development and deployment across SOC use cases
- Stay current on AI advancements and apply best practices to ongoing work
- Mentors junior team members to improve their technical acumen
- Participates in special projects and performs other duties as assigned.
Qualifications - 4+ years of hands-on programming or scripting experience (e.g., Python, Java, Shell)
- 5+ years of experience with cloud platforms such as AWS or Microsoft Azure
- 4+ year of experience building or supporting automation solutions (e.g., SOAR, GitHub, or similar tools)
- 4+ years of experience working with security technologies or supporting SOC/security operations
- Exposure to AI, GenAI, or LLM-based solutions, with hands-on development experience preferred
- Familiarity with security telemetry (logs, alerts, endpoint, network, and cloud data)
- 5+ years of exposure to SIEM platforms or detection engineering concepts
Special Factors Sponsorship Vanguard is not offering visa sponsorship for this position.
About Vanguard At Vanguard, we don't just have a mission-we're on a mission.
To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.
How We Work Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.
Never miss an opportunity! Create an alert based on the job you applied for.
