Cybersecurity Engineer / Analyst - AI Integration

Overview

Join the Frontlines of AI-Driven Cyber Defense

SOSi is on the hunt for a Cybersecurity Engineer / Analyst - AI Integration to help shape the future of network security for INDOPACOM. This isn't your typical SOC role - it's a hands-on opportunity to experiment with AI and LLM technologies, embedding them into real-world SOAR pipelines, detection workflows, and automation playbooks.

We're looking for a curious innovator. If you have a passion for pushing boundaries in cyber defense, you'll collaborate directly with the NSOC Director to build the next-gen AI-enhanced SOC!

Essential Job Duties

• Support the integration of AI/LLM models (e.g., Gemini, GPT, open source) into SOC tools and workflows.
• Assist in developing automation pipelines for triage, enrichment, and incident response.
• Work with Detection Engineers to connect AI outputs into SIEM, SOAR, and EDR platforms.
• Help validate AI-assisted detections and automation with analyst feedback to reduce false positives.
• Maintain logs, document use cases, and share lessons learned for continuous improvement.
• Stay current on AI/LLM trends and open-source projects that can be adapted to mission requirements.
• Participate in NSOC exercises to test AI-enabled detection and response workflows.

Minimum Requirements

• Active in scope SECRET clearance.
• Bachelor's Degree in Cybersecurity, Computer Science, Information Systems, or related field; equivalent work experience/certifications considered.
• DoD 8140 baseline certification (CySA+ or SSCP or GSEC or CEH or CFR or GCIA or GCIH).
• Demonstrated hands-on experience with AI/LLM technologies (home labs, open-source projects, certifications, or professional use cases).
• Familiarity with SIEM, SOAR, and EDR platforms.
• Basic scripting/automation experience (Python, PowerShell, REST APIs).

Preferred Qualifications

• Active Top Secret clearance with ability to obtain/maintain TS/SCI.
• Experience applying AI/LLMs in security workflows (e.g., enrichment, log analysis, playbook automation).
• Cloud or AI-related certifications (Microsoft AI Engineer, TensorFlow Developer, Google Cloud ML Engineer).
• Vendor certifications (Elastic, Splunk, Palo Alto, Tenable, etc.).

Work Environment

• Location: Hawaii NSOC.
• Schedule: Standard 8-hour shifts, Monday-Friday, within core business hours (0600-1700 HST).
• Coverage: The NSOC operates 24/7. While this role is primarily dayshift, the engineer/analyst may be asked to support off-hours incidents, exercises, or escalations as mission needs require.
• Environment: Fast-paced, mission-critical operations requiring flexibility, collaboration, and responsiveness.
• Relocation packages may include a two-year commitment.

Working at SOSi

All interested individuals will receive consideration and will not be discriminated against for any reason.