IT - Security
Reston, VA (On-Site/Office)
Tyto Athene is hiring a Principal AI SOC Engineer to drive efficiency, velocity, and operational effectiveness across Security Operations Centers (SOCs) supporting federal missions. This is a hands-on engineering role for someone who has deep SOC experience, has integrated SOC tooling, and knows how to transform analyst pain points into scalable, automated solutions.
The ideal candidate is a builder and leader, an engineer comfortable working across SIEM, SOAR, automation frameworks, and AI/ML platforms, with experience in Google SecOps considered a strong plus. This role blends technical execution with engineering leadership, including backlog grooming, solution design, delivery oversight, and active contributions to code, architecture, and team mentoring.
Responsibilities:
- Support the design and engineering of AI-powered SOC capabilities that improve analyst efficiency, reduce alert fatigue, and accelerate detection and response.
- Partner with engineers and developers to deliver SOC and automation solutions, setting a high technical bar through hands-on contribution and shared ownership.
- Apply AI/ML and GenAI techniques to SOC engineering problems, including alert enrichment, prioritization, correlation, and automated response.
- Build and evolve detection and response pipelines across SIEM, SOAR, EDR, and cloud security platforms.
- Engineer solutions across SIEM and SOAR platforms, including Elastic, Splunk, Azure, or SecOps, with a tool-agnostic mindset.
- Integrate Google SecOps and GCP-native services where appropriate to enhance detection, visibility, and response.
- Support the design of scalable SOC architectures that handle high-volume telemetry and real-time operational workflows.
- Build and maintain strong SOC automation using SOAR, custom services, and AI-driven decisioning.
- Improve SOC velocity and throughput by automating repetitive analyst tasks and standardizing response patterns.
- Engineer workflows that translate detections into actionable, automated outcomes across security and infrastructure controls.
- Own and groom the engineering backlog; prioritize, design, and ship production-ready solutions.
- Translate user stories and operational requirements into concrete technical designs and implementations.
- Set engineering standards and patterns for AI-enabled SOC capabilities across the organization.
Qualifications
Required:
- 8-12 years of hands-on experience in enterprise IT engineering, with expertise spanning cybersecurity, cloud platforms, SecOps, AI/ML, and emerging technologies.
- 3-5 years of direct SOC engineering experience, including designing, building, and optimizing SOC tooling, with at least 2 years supporting federal SOC environments (civilian agencies, DoD, Intelligence Community, or federal law enforcement).
- 3+ years of hands-on experience applying AI/ML techniques to cybersecurity or operational systems, including building AI-enabled security workflows for alert enrichment, triage, detection engineering, or automated response.
- 2+ years of practical experience working with LLMs or GenAI systems in production or near-production environments, including RAG pipelines or LLM-integrated automation for SOC use cases.
- Strong experience with SOC automation, orchestration, and playbook design, including API-driven integrations and engineering detection, correlation, and response pipelines.
- Demonstrated ability to lead a team of engineers, setting technical strategy, reviewing designs, and fostering best practices in SOC, cloud, and AI/ML engineering initiatives.
Desired:
- Experience with Google Cloud Platform (GCP), including Google SecOps and Vertex AI for ML/GenAI use cases.
- Google Professional Certifications: Cloud Security Engineer, Cloud Security Architect, Machine Learning Engineer.
Clearance:
- SECRET clearance eligible (active clearance not required)
Location:
- Reston, VA (Hybrid)
About Tyto Athene
Compensation:
- Compensation is unique to each candidate and relative to the skills and experience they bring to the position. This does not guarantee a specific salary as compensation is based upon multiple factors such as education, experience, certifications, and other requirements, and may fall outside of the above-stated range.
Benefits:
- Highlights of our benefits include Health/Dental/Vision, 401(k) match, Paid Time Off, STD/LTD/Life Insurance, Referral Bonuses, professional development reimbursement, and parental leave.
Tyto Athene is a trusted leader in IT services and solutions, delivering mission-focused digital transformation that drives measurable success. Our expertise spans four core technology domains (Network Modernization, Hybrid Cloud, Cybersecurity, and Enterprise IT), empowering our clients with cutting-edge solutions tailored to their evolving needs. With over 50 years of experience, Tyto Athene proudly supports Defense, Intelligence, Space, National Security, Civilian, Health, and Public Safety clients across the United States and worldwide.
At Tyto Athene, we believe that success starts with our people. We foster a collaborative, innovative, and mission-driven environment where every team member plays a critical role in shaping the future of technology. Are you ready to join #TeamTyto?
Tyto Athene, LLC is an Equal Opportunity Employer; all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, [sexual orientation, gender identity,] national origin, disability, status as a protected veteran, or any characteristic protected by applicable law.