We get to the heart of the matter.....real people......real solutions
Forward Deployed Engineer – AI SOC
Location
United States
Posted
1 day ago
Salary
$160K - $200K / year
Seniority
Senior
Job Description
Forward Deployed Engineer – AI SOC
Thinkahead Consultant Psychologist Pty Ltd
• Serve as the technical lead for deploying and operationalizing security and AI solutions in customer or enterprise environments • Translate business, operational, and security requirements into deployable architectures and implementation plans • Partner with internal and external stakeholders to ensure solutions are aligned to operational goals, compliance requirements, and long-term platform strategy • Act as a trusted advisor during onboarding, implementation, rollout, and optimization phases • Design and implement integrations across SIEM, XDR, SOAR, case management, data platforms, and AI-enabled tooling • Build and configure cloud-native data ingestion, normalization, and enrichment pipelines for security telemetry • Integrate APIs, webhooks, message queues, and automation workflows across identity, endpoint, cloud, network, and application ecosystems • Develop reusable deployment patterns, templates, and technical assets to accelerate future implementations • Operationalize AI and automation use cases within security workflows, including alert enrichment, triage support, summarization, clustering, playbook selection, and analyst copilots • Work with detection engineering and data teams to support the implementation of behavioral analytics, anomaly detection, risk scoring, and other AI-assisted security use cases • Help define data requirements, feedback loops, and operational guardrails needed to support effective AI outcomes in production environments • Ensure deployed solutions are practical, measurable, and aligned to analyst workflows and response objectives • Implement secure and governed automation for investigation and response use cases across heterogeneous environments • Support resiliency, observability, performance, and scale requirements for deployed solutions • Troubleshoot integration issues, deployment blockers, and production challenges in partnership with platform, cloud, and security teams • Improve reliability and maintainability through documentation, testing, monitoring, and standardized engineering practices • Collaborate across Security Operations, Security Engineering, Detection Engineering, Data Science, Infrastructure, and product or customer teams • Communicate technical concepts clearly to both technical and non-technical stakeholders • Mentor engineers and contribute to best practices for implementation, delivery, and technical solution design • Provide field feedback to influence platform roadmap, product direction, and architectural standards.
Job Requirements
- 5+ years of experience in security engineering, platform engineering, forward deployed engineering, solutions engineering, or related technical roles
- Hands-on experience implementing and operating modern SOC technologies such as SIEM, XDR, and SOAR
- Experience deploying cloud-native architectures on at least one major cloud provider such as AWS, Azure, or GCP
- Strong background in data integration, telemetry pipelines, normalization, and security analytics workflows
- Experience working directly with customers, internal stakeholders, or cross-functional delivery teams in implementation-focused environments
- Ability to lead technical engagements, drive execution, and influence outcomes without direct authority.
Benefits
- Medical, Dental, and Vision Insurance
- 401(k)
- Paid company holidays
- Paid time off
- Paid parental and caregiver leave
- Plus more! See benefits https://www.aheadbenefits.com/ for additional details.
Related Guides
Related Categories
Related Job Pages
More Security Operations Jobs
• Monitor security alerts and events across Box’s environment using SIEM and other detection tools. • Lead and coordinate the end-to-end response to security incidents. • Conduct in-depth forensic analysis of endpoints, logs, and network traffic. • Develop and refine incident response playbooks, runbooks, and procedures. • Collaborate with Engineering, Legal, and Compliance teams. • Identify trends and patterns in security data to proactively surface emerging threats. • Contribute to threat intelligence programs by researching adversary tactics, techniques, and procedures (TTPs).
Director of IT – Security Operations
RealTime eClinical SolutionsBetter research. Better business. Better outcomes.
• Owns the security, availability, and compliance of the systems. • Operate and evidence the controls required for SOC 2 Type 2 and HIPAA. • Maintain the risk register and run an annual risk assessment. • Enforce least privilege access across corporate and production systems. • Manage cloud hosting vendors and environment changes. • Monitor the security of corporate and cloud environments. • Manage the team providing technical support to employees. • Design and manage the disaster-recovery and business-continuity process.
Security Engineer – Incident Response
AsymmetricEarly stage capital for disruptive technology companies.
• Serve as Incident Commander for SIRN-related security cases • Lead incident triage efforts • Coordinate with internal AR teams and external Solana ecosystem stakeholders • Develop, tune, and triage telemetry signals • Identify gaps in current detection coverage • Author, maintain, and continuously improve incident runbooks • Provide operational and logistical support to the SIRN project team • Escalate to AR Engineering and Consulting leads as appropriate
Security Operations Engineer
PaxosPaxos is a regulated blockchain infrastructure company building transparent and transformative financial solutions.
• Triage, investigate, and respond to security alerts across endpoints, cloud infrastructure, and network telemetry. • Take a builder’s mindset to the role by automating repetitive workflows and using AI to increase speed, scale, and effectiveness. • Execute containment and remediation actions for confirmed incidents, while following and continuously improving established runbooks. • Tune and maintain SIEM and EDR detections to reduce false positives, strengthen signal quality, and close coverage gaps. • Apply threat intelligence, including IOCs and TTPs, to active investigations and ongoing monitoring. • Participate in the on-call rotation and contribute clear, actionable post-incident documentation.



