Government Careers
  • AI Threat Detection Engineer, Senior Specialist

  • Vanguard
  • Dallas, Texas 75201 United States View Map

AI Threat Detection Engineer, Senior Specialist

The AI Threat Detection Engineer, Senior Specialist is responsible for developing and implementing AI-driven capabilities that enhance Security Operations Center (SOC) effectiveness. This role focuses on building automation and intelligent solutions to improve threat detection, streamline workflows, and reduce manual effort. Working closely with senior engineers and cross-functional teams, this individual contributes to the delivery of secure, scalable solutions that support SOC modernization.

Core Responsibilities

  • Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations. Identifies real-time complex attack patterns and suggests mitigation strategies.
  • Leads the processes, tools and measures to monitor and detect compromises, risks, vulnerabilities, network security threats, tools and tactics used by modern and emerging threat actors. Facilitates security operations and incident response technologies and methodologies.
  • Develops, manages, maintains and enhances security controls (alerts, rules, policies, and signatures) for the security platforms.
  • Develop and enhance AI agents to streamline SOC operations and improve efficiency
  • Design and optimize prompts and workflows to support LLM-based security use cases
  • Evaluate emerging AI technologies and contribute to innovation within the SOC
  • Implement safeguards and controls to ensure secure and responsible AI usage
  • Build APIs, integrations, and automation workflows to support AI-driven capabilities
  • Write clean, maintainable, and production-ready code aligned with engineering best practices
  • Collaborate with security, engineering, and platform teams to deliver AI-enabled solutions
  • Support AI agent development and deployment across SOC use cases
  • Stay current on AI advancements and apply best practices to ongoing work
  • Mentors junior team members to improve their technical acumen
  • Participates in special projects and performs other duties as assigned.

Qualifications

  • 4+ years of hands-on programming or scripting experience (e.g., Python, Java, Shell)
  • 5+ years of experience with cloud platforms such as AWS or Microsoft Azure
  • 4+ year of experience building or supporting automation solutions (e.g., SOAR, GitHub, or similar tools)
  • 4+ years of experience working with security technologies or supporting SOC/security operations
  • Exposure to AI, GenAI, or LLM-based solutions, with hands-on development experience preferred
  • Familiarity with security telemetry (logs, alerts, endpoint, network, and cloud data)
  • 5+ years of exposure to SIEM platforms or detection engineering concepts

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a missionwe're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

AI Threat Detection Engineer, Senior Specialist

The AI Threat Detection Engineer, Senior Specialist is responsible for developing and implementing AI-driven capabilities that enhance Security Operations Center (SOC) effectiveness. This role focuses on building automation and intelligent solutions to improve threat detection, streamline workflows, and reduce manual effort. Working closely with senior engineers and cross-functional teams, this individual contributes to the delivery of secure, scalable solutions that support SOC modernization.

Core Responsibilities

  • Leads and responds to escalated cyber security alerts, cyber incidents, or related security investigations. Identifies real-time complex attack patterns and suggests mitigation strategies.
  • Leads the processes, tools and measures to monitor and detect compromises, risks, vulnerabilities, network security threats, tools and tactics used by modern and emerging threat actors. Facilitates security operations and incident response technologies and methodologies.
  • Develops, manages, maintains and enhances security controls (alerts, rules, policies, and signatures) for the security platforms.
  • Develop and enhance AI agents to streamline SOC operations and improve efficiency
  • Design and optimize prompts and workflows to support LLM-based security use cases
  • Evaluate emerging AI technologies and contribute to innovation within the SOC
  • Implement safeguards and controls to ensure secure and responsible AI usage
  • Build APIs, integrations, and automation workflows to support AI-driven capabilities
  • Write clean, maintainable, and production-ready code aligned with engineering best practices
  • Collaborate with security, engineering, and platform teams to deliver AI-enabled solutions
  • Support AI agent development and deployment across SOC use cases
  • Stay current on AI advancements and apply best practices to ongoing work
  • Mentors junior team members to improve their technical acumen
  • Participates in special projects and performs other duties as assigned.

Qualifications

  • 4+ years of hands-on programming or scripting experience (e.g., Python, Java, Shell)
  • 5+ years of experience with cloud platforms such as AWS or Microsoft Azure
  • 4+ year of experience building or supporting automation solutions (e.g., SOAR, GitHub, or similar tools)
  • 4+ years of experience working with security technologies or supporting SOC/security operations
  • Exposure to AI, GenAI, or LLM-based solutions, with hands-on development experience preferred
  • Familiarity with security telemetry (logs, alerts, endpoint, network, and cloud data)
  • 5+ years of exposure to SIEM platforms or detection engineering concepts

Special Factors

Sponsorship

Vanguard is not offering visa sponsorship for this position.

About Vanguard

At Vanguard, we don't just have a missionwe're on a mission.

To work for the long-term financial wellbeing of our clients. To lead through product and services that transform our clients' lives. To learn and develop our skills as individuals and as a team. From Malvern to Melbourne, our mission drives us forward and inspires us to be our best.

How We Work

Vanguard has implemented a hybrid working model for the majority of our crew members, designed to capture the benefits of enhanced flexibility while enabling in-person learning, collaboration, and connection. We believe our mission-driven and highly collaborative culture is a critical enabler to support long-term client outcomes and enrich the employee experience.

Government Careers

Government Careers

Government jobs offer stability, competitive benefits, and the chance to make a meaningful impact on your community and country.

Whether you’re starting your career or seeking new opportunities, these roles provide pathways for growth, security, and service.

Explore positions across a wide range of fields and take the first step toward a rewarding future in public service.

Show more

MORE JOBS