Job Title:AI Cyber EngineerLocation(s): Chantilly, VAJob Summary:The AI Cyber Engineer is a senior technical role responsible for implementing and operating AI-driven cybersecurity capabilities to continuously detect, prioritize, and remediate vulnerabilities across the enterprise IT environment. This role combines cybersecurity engineering, artificial intelligence, software development, and automation to move beyond traditional reactive security into proactive and autonomous remediation. The engineer will leverage advanced AI models, agentic frameworks, and security tooling to:
- Continuously Client vulnerabilities across infrastructure, applications, and AI systems.
- Generate prioritized remediation strategies.
- Automatically develop fixes, where feasible (e.g., patches, configuration updates, code changes).
- Integrate findings into enterprise DevSecOps and SOC workflows.
Key Responsibilities: - AI-Driven Vulnerability Detection & Analysis
- Design and deploy AI-powered vulnerability discovery pipelines across:
- Cloud (AWS, Azure, GCP)
- On-prem infrastructure
- Applications, APIs, and microservices
- AI/LLM systems and data pipelines.
- Leverage AI techniques for:
- Pattern recognition in logs, telemetry, and attack signals
- Behavioral anomaly detection
- Identification of zero-day and emerging threats.
- Perform AI-assisted attack simulation and adversarial testing to proactively identify weaknesses.
- Intelligent Risk Prioritization
- Leverage and build-on AI models and scoring mechanisms to:
- Correlate vulnerabilities with threat intelligence, exploitability, and business impact
- Reduce false positives and alert fatigue.
- Implement contextual risk evaluation incorporating:
- Asset criticality
- Identity exposure (human and non-human identities)
- Data sensitivity and regulatory impact.
- Align prioritization with frameworks such as:
- NIST CSF/AI RMF
- MITRE Telecommunication&CK/ATLAS.
- Automated & Assisted Remediation
- Develop and maintain:
- Automated patching pipelines
- Infrastructure-as-Code (IaC) remediation templates
- Secure code transformation scripts (e.g., Python, Java, Terraform).
- Build AI agents to perform repeatable, permissible tasks.
- Collaborate with engineering teams to ensure safe deployment of automated remediation.
- Secure AI & Application Ecosystem Engineering
- Secure enterprise AI systems, including:
- LLMs, RAG pipelines, AI agents, and copilots.
- Implement protections against:
- Prompt injection, data exfiltration, adversarial attacks, AI model integrity risk, and more.
- Build and enforce:
- AI guardrails and runtime controls
- Secure model deployment pipelines
- Data protection and governance practices.
- DevSecOps & Continuous Security Integration
- Embed AI-driven security controls across:
- CI/CD pipelines and MLOps workflows.
- Implement:
- Shift-left security scanning and validation
- Automated policy enforcement
- Continuous compliance monitoring.
- Ensure vulnerabilities are automatically:
- Detected pre-production and remediated (or blocked) before release.
- Cross-Functional Collaboration
- Work closely with:
- AI Program teams
- Cloud Platform and Cloud Engineering teams
- Software engineering teams
- Security operations and GRC teams
- Translate security findings into developer-friendly remediation actions
- Provide guidance on secure coding and vulnerability remediation.
Required Qualifications: - Education & Experience
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field
- 8 years in cybersecurity, software engineering, or cloud security
- 3 years working with AI/ML systems or AI security
- Security certifications (e.g., CISSP, OSCP, CCSP, AWS Security Specialty)
- Technical Skills
- Cybersecurity
- Vulnerability management, penetration testing, threat modeling
- Security tools: SAST, DAST, SCA, SIEM, SOAR, CNAPP, CSPM
- Zero Trust architecture, IAM/PAM, network security
- Experience applying:
- MITRE Telecommunication&CK/ATLAS
- NIST AI Risk Management Framework
- AI & Emerging Security
- AI and model fundamentals
- AI security risks
- Experience with LLMs, RAG, and agentic AI systems
- Experience with autonomous agents or multi-agent AI systems
- Experience configuring and using AI-driven security tools or platforms
- Software Engineering & Automation
- Programming: Python (required), plus one or more (Java, Go, C#, etc.)
- Experience writing:
- Secure code
- Automation scripts
- Infrastructure as Code (Terraform, etc.)
- Experience generating or validating automated code fixes
- Cloud & Infrastructure
- AWS, Azure, and/or GCP security services
- Containers and Kubernetes security
- API security and microservices architecture
- Key Competencies
- Strong problem-solving and systems thinking
- Ability to translate security issues into practical solutions
- Deep curiosity about emerging threats and AI capabilities
- Balance between automation and risk control
- Excellent communication with both technical and non-technical stakeholders.
