simspace-corporation - Senior AI-Centric Threat Hunter
Requirements
The Senior AI-Centric Threat Hunter will be part of a team developing methodologies for incorporating AI agents into cybersecurity workflows, designing experiments to help develop/test AI agents and models, delivering instructional content to customers, and facilitating a variety of Blue Team exercises for SimSpace and our customers. When facilitating exercises, you will be responsible for teaching security concepts and demonstrating practical/hands-on use of open source and commercial security tools, referencing both well-established and cutting-edge techniques that Cybersecurity Incident Response Teams might use to effectively defend their networks from advanced cyber threats.

What will you be doing as a Senior AI-Centric Threat Hunter at SimSpace?
• Lead an internal initiative to research and integrate candidate agentic capabilities into test environments.
• Serve as a consultant to customers looking to integrate agentic capabilities into their cybersecurity enterprise, advising on how to identify, integrate and test capabilities prior to deployment.
• Keep up with industry evolution around AI and cybersecurity operations by reviewing publications and standards.
• Bring world-class mentorship of advanced threat hunting tactics and strategy for our global clients and international organizations.
• Utilize years of Blue Teaming experience to establish parsing rules, dashboards, and tuning of numerous enterprise security tools in our cyber range platform to exceed client goals and objectives.
• Work with our range operations team to develop toolsets and scenarios within a cybersecurity range to model real-world threat defense scenarios.
• Utilize foresight and awareness of overall business priorities when dealing with competing requirements and needs from across the organization in order to build consensus and drive results.
• Take initiative in day-to-day tasks, lead projects, and mentor other team members.
• Navigate and work effectively across a complex, geographically dispersed organization.
• Support assessment of customer security teams and customer events (this means the role will require national and international travel estimated up to 25-30%).

What are the qualifications to apply?
To be successful as a Senior AI-Centric Threat Hunter on SimSpace’s Evaluation Team, you need to have:
• Demonstrated proficiency in AI/ML engineering, including practical application and experimentation with AI agents, LLM APIs.
• Possess a deep understanding of AI agents, specializing in the orchestration of agent decision loops, tool access frameworks, and memory systems optimized for threat hunting and proactive security operations.
• Architecting RAG Systems: Hands-on experience designing and deploying Retrieval-Augmented Generation (RAG) pipelines to ground LLMs in internal threat intelligence, historical incident data, and enterprise security policies while eliminating hallucinations.
• Advanced proficiency in Python and standard data science/AI libraries, alongside strong scripting skills for data manipulation (Pandas, Numpy).
• Familiarity with open-source AI ecosystems (Hugging Face) and frameworks for running local, privacy-safe LLMs (Ollama, vLLM).
• 6+ years of experience in a technical role in the areas of Security Operations, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
• Experience analyzing host, network, and application telemetry for indicators of attack across the stages of the cyber kill chain.
• Direct experience working with very large datasets and log analysis tools including but not limited to: Splunk, Elastic, Python, Pandas, SQL, Hadoop, Hue.
• Ability to apply Cyber Threat Intelligence through enrichment, correlation, and attribution.
• Experience with setup and/or troubleshooting of security stacks.
• Familiarity with offensive security strategies and assessment methodology.
• Experience explaining threat hunt objectives to mixed technical and non-technical audiences and ability to communicate associated risk by distilling complex content into digestible information.
• Hands-on technical experience and ability to demonstrate hunting for indicators of compromise in numerous enterprise-scale EDR and SIEM tools to include Splunk, Elastic, CrowdStrike, and many other major vendors.
• Previous experience performing digital forensics or incident response on major security incidents.
• Demonstrated self-starter with a constant desire to help others improve and build the team.

We’re proud to offer a competitive and comprehensive package designed to support your well-being, growth, and success: