Job Description: The next evolution of AI powered cyber defense is here. With the rise of cloud and modern technologies, organizations struggle with the vast amount of data and thereby security alerts generated by their existing security tools. Cyberattacks continue to get more sophisticated and harder to detect in the sea of alerts and false positives. According to the Forrester 2023 Enterprise Breach Benchmark Report, a security breach costs organizations an average of $3M and takes organizations over 200 days to investigate and respond. AiStrike’s platform aims at reducing the time to investigate and respond to threats by over 90%. Our approach is to leverage the power of AI and machine learning to adopt an attacker mindset to prioritize and automate cyberthreat investigation and response. The platform reduces alerts by 100:5 and provides detailed context and link analysis capabilities to investigate the alert. The platform also provides collaborative workflow and no code automation to cut down the time to respond to threats significantly. If you have the desire to join the next evolution of cyber defense, are willing to work hard and learn fast, and be part of building something special, this is the company for you. We are seeking a highly skilled and experienced hands-on Principal Software Engineer with over 10+ years of proven expertise in the field. As a Principal Architect, you will play a crucial role in leading the architecture, designing, and implementing scalable cloud solutions for our Cloud-native SaaS products. The ideal candidate will have significant experience and a strong background in object-oriented design and coding skills, with hands-on experience in Java and Python. Roles and Responsibilities: Manage overarching product/platform architecture, and technology selection and make sure that the design and development of all projects follow the architectural vision Design and architect scalable cloud solutions for Cloud-native SaaS development projects in line with the latest technology and practices Successfully communicate, evangelize, and implement the architectural vision across teams and products Design and coordinate projects of significant size and complexity Work with containerization technologies and orchestration software such as Kubernetes on cloud platforms like AWS and Azure. Develop and implement Microservices-based architecture using Java, SpringBoot, ReactJS, NextJS, and other relevant technologies. Implement secure design principles and practices, ensuring the integrity and confidentiality of our systems. Collaborate with cross-geography cross-functional teams to define and refine requirements and specifications. Deploy workloads at scale in AWS EKS/ECS environments and others as needed Create automation and use monitoring tools to efficiently build, deploy and support cloud implementations. Implement DevOps methodologies and tools for continuous integration and delivery. Utilize APM and Monitoring Tools like ELK, Splunk, Datadog, Dynatrace, and Appdynamics for cloud-scale monitoring. Work with potential customers to understand their environment. Provide technical leadership, architecture guidance, and mentorship to the teams. Have a clear focus on scale, cost, security, and maintainability. Stay updated on industry best practices, emerging technologies, and cybersecurity trends. Skills and Qualifications: 10+ years of overall experience in software development and architecture. In depth knowledge and experience in Cloud-native SaaS development and architecture. Proficient in Java, Python, RESTful APIs, API Gateway, Kafka, and Microservices communications. Experience with RDBMS and NoSQL databases (e.g., Neo4J, MongoDB, Redis). Experience in working with Graph databases like Neo4J. Expertise in containerization technologies (Docker) and Kubernetes. Hands-on experience with secure DevOps practices. Familiarity with Multi-Factor Authentication and Single Sign-On principles. Excellent verbal and written communication skills. Self-starter with strong organizational and problem-solving skills. Prior experience in deploying workloads at scale in AWS EKS/ECS/Fargate. Knowledge of Cloud-scale APM and Monitoring Tools (ELK, Splunk, Datadog, etc.). Previous experience in Cybersecurity products is desirable but not mandatory. Preferred: AWS Certified Solutions Architect – Professional or similar certification, including certifications on other cloud platforms. Commitment, team player, integrity and customer focus AiStrike is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law. Show more Show less

Senior Detection Engineer / Threat Hunter Overview The next evolution of AI-powered cyber defense is here. With the rise of cloud and modern technologies, organizations struggle with the vast amount of data and thereby security alerts generated by their existing security tools. Cyberattacks continue to get more sophisticated and harder to detect in the sea of alerts and false positives. According to the Forrester 2023 Enterprise Breach Benchmark Report, a security breach costs organizations an average of $3M and takes organizations over 200 days to investigate and respond. AiStrike’s platform aims to reduce the time to investigate and respond to threats by over 90%. Our approach is to leverage the power of AI and machine learning to adopt an attacker mindset to prioritize and automate cyber threat investigation and response. The platform reduces alerts by 100:5 and provides detailed context and link analysis capabilities to investigate the alert. The platform also provides collaborative workflow and no code automation to cut down the time to respond to threats significantly. We’re seeking a senior-level Detection Engineer and Threat Hunter with deep expertise in modern SIEMs and a strong focus on AI-augmented threat detection and investigation. In this role, you’ll design scalable, modular detection content using Sigma, KQL, and platform-specific query languages — while working with AI to automate detection tuning, threat hunting hypotheses, and investigation workflows across enterprise and cloud environments. Key Responsibilities Develop high-fidelity, AI-ready detection templates to build detection rules in Sigma, KQL, SPL, Lucene, etc., for Microsoft Sentinel, Chronicle, Splunk, and Elastic. Leverage AI-powered engines to prioritize, cluster, and tune detection content dynamically based on environment behavior and telemetry changes. Identify visibility and data coverage gaps across cloud, identity, EDR, and SaaS log sources; work cross-functionally to close them. Lead proactive threat hunts driven by AI-assisted hypotheses, anomaly detection, and known threat actor TTPs. Contribute to AI-enhanced detection-as-code pipelines, integrating rules into CI/CD workflows and feedback loops. Collaborate with SOC, threat intel, and AI/data science teams to continuously evolve detection efficacy and reduce alert fatigue. Participate in adversary emulation, purple teaming, and post-incident reviews to drive continuous improvement. Required Skills 5+ years of hands-on experience in detection engineering, threat hunting, or security operations. Expert-level knowledge of at least two major SIEM platforms: Microsoft Sentinel, Google Chronicle, Splunk, Elastic, or similar. Strong proficiency in detection rule languages (Sigma, KQL, SPL, Lucene) and mapping to MITRE ATT&CK. Experience using or integrating AI/ML for detection enrichment, alert correlation, or anomaly-based hunting. Familiarity with telemetry sources (EDR, cloud, identity, DNS, proxy) and techniques to enrich or normalize them. Ability to document, test, and optimize detection rules and threat hunt queries in a modular, scalable fashion. Strong communication skills and the ability to translate complex threat scenarios into automated, AI-ready detection logic. Nice to Have Experience integrating AI/ML platforms for security analytics, behavior baselining, or entity risk scoring. Familiarity with detection-as-code and GitOps workflows for rule development, testing, and deployment. Scripting knowledge (Python, PowerShell) for enrichment, custom detection logic, or automation. Experience with purple teaming tools like Atomic Red Team, SCYTHE, or Caldera. AiStrike is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law. Show more Show less

Sr Director/ VP AI & Machine Learning – Strategy Overview The next evolution of AI-powered cyber defense is here. With the rise of cloud and modern technologies, organizations struggle with the vast amount of data and thereby security alerts generated by their existing security tools. Cyberattacks continue to get more sophisticated and harder to detect in the sea of alerts and false positives. According to the Forrester 2023 Enterprise Breach Benchmark Report, a security breach costs organizations an average of $3M and takes organizations over 200 days to investigate and respond. AiStrike’s platform aims to reduce the time to investigate and respond to threats by over 90%. Our approach is to leverage the power of AI and machine learning to adopt an attacker mindset to prioritize and automate cyber threat investigation and response. The platform reduces alerts by 100:5 and provides detailed context and link analysis capabilities to investigate the alert. The platform also provides collaborative workflow and no code automation to cut down the time to respond to threats significantly. We are looking for a forward-thinking Leader for AI to define and lead the AI and ML strategy for our next-generation cybersecurity platform. This role sits at the intersection of data science, cybersecurity operations, and product innovation, responsible for transforming security telemetry into intelligent workflows, automated decisions, and self-improving systems. You will lead the vision and execution for how classification, clustering, correlation, and feedback loops are built into our AI-powered threat investigation and response engine. Your work will directly impact how analysts investigate alerts, how automation adapts over time, and how customers operationalize AI safely and effectively in high-stakes security environments. Key Responsibilities ● Define the AI Strategy & Roadmap: Own and drive the strategic direction for AI/ML across investigation, prioritization, alert triage, and autonomous response. ● Architect Feedback-Driven AI Systems: Design scalable feedback loops where analyst input, alert outcomes, and system performance continuously refine models. ● Operationalize ML for Security: Work with detection engineering, platform, and data teams to apply clustering, classification, and anomaly detection on massive datasets—logs, alerts, identities, cloud events—not images or media. ● Guide Complex Security Workflows: Translate noisy, high-volume telemetry into structured workflows powered by AI—spanning enrichment, correlation, and decisioning. ● Collaborate Across Functions: Partner with product managers, detection engineers, threat researchers, and ML engineers to define use cases, data needs, and modeling approaches. ● Ensure Explainability and Trust: Prioritize model transparency, accuracy, and control—enabling human-in-the-loop or override in high-risk environments. ● Lead AI Governance and Deployment Frameworks: Define policies, versioning, validation, and release processes for customer-safe AI usage in production environments. Requirements ● 10+ years of experience in data science, applied ML, or AI product leadership, with at least 3–5 years in cybersecurity, enterprise SaaS, or complex data domains. ● Demonstrated experience applying classification, clustering, correlation, and anomaly detection on structured/semi-structured data (e.g., logs, alerts, network events). ● Strong understanding of cybersecurity workflows: detection, investigation, triage, threat hunting, incident response, etc. ● Experience in building data feedback pipelines or reinforcement learning-like systems where user input improves future predictions or decisions. ● Proven ability to scale AI/ML systems across multi-tenant environments or customer-facing platforms. ● Familiarity with platforms such as Snowflake, Google Chronicle, Sentinel (KQL), or SIEM/SOAR tools is a strong plus. ● Exceptional communication and storytelling skills: able to communicate AI strategy to technical and executive stakeholders alike. ● Experience with security-specific ML tooling or frameworks (e.g., security data lakes, Sigma correlation engines, MITRE ATT&CK mapping). ● Prior work in multi-modal learning environments (signals from logs, identity, cloud infra, etc.). ● Deep familiarity with model evaluation, drift detection, and automated retraining in production settings. ● Exposure to or leadership in building agentic AI workflows or co-pilot-style assistant models in the security space. AiStrike is committed to providing equal employment opportunities. All qualified applicants and employees will be considered for employment and advancement without regard to race, color, religion, creed, national origin, ancestry, sex, gender, gender identity, gender expression, physical or mental disability, age, genetic information, sexual or affectional orientation, marital status, status regarding public assistance, familial status, military or veteran status or any other status protected by applicable law. Show more Show less

Senior Product Manager – AI-Powered Investigation & Response Content Overview We’re seeking a seasoned Senior Product Manager to lead the strategy and delivery of AI-driven threat investigation and response content within our next-gen AI investigation platform. This role is ideal for someone who has hands-on experience with detection logic (e.g., Sigma, KQL, YAML), but is now focused on building scalable pipelines and frameworks that feed AI-based workflows for automated investigation, prioritization, and response. You’ll be responsible for defining how threat signals, detections, and analyst actions are transformed into dynamic content that powers automated and guided investigations—integrated across cloud platforms and SOC environments. Key Responsibilities Own the Product Strategy for investigation and response content that supports AI-based decision-making and automation. Operationalize Content Pipelines to continuously deliver investigation and response content (e.g., decision trees, playbooks, enrichment steps) across customers via CI/CD. Standardize Content Frameworks to ensure structured, reusable, and extensible logic using formats like YAML, Sigma, and JSON. Collaborate with Detection & ML Teams to align investigation triggers, context enrichment, and response actions with AI models and logic engines. Map Detection to Investigation: Work with engineering and threat teams to define how signals from Snowflake, Google Chronicle, Sentinel (KQL), etc., are consumed and enriched in investigation workflows. Drive Feedback Loops: Define structures that enable AI to learn from analyst feedback, human-in-the-loop responses, and investigation outcomes. Ensure Coverage Across Platforms: Coordinate across cloud environments (AWS, Azure, GCP) as well as across products aligning to the same category - Firewalls, IAM, EDR/XDR etc to ensure that AI-driven content works consistently with telemetry from each source. Measure & Optimize content usage, accuracy, and performance across customer environments. Requirements 7–10 years in Product Management or a hybrid Detection Engineering/Content role, preferably in cloud security or threat detection/response. Experience working with or building detection content in Sigma, YAML, or KQL (Microsoft Sentinel). Familiarity with SIEM / data lakes such as Snowflake, Google Chronicle, ELK,Splunk, MS Sentinel or similar systems. Strong understanding of threat detection signals, cloud telemetry, and how they map to automated investigations and playbook-driven response. Demonstrated experience in operationalizing security content using Git-based workflows, CI/CD pipelines, and versioning best practices. Strong collaboration skills; ability to work cross-functionally with engineers, threat researchers, and AI/ML teams. Nice to Have Experience with AI/ML-based investigation platforms or decision engines for security operations. Familiarity with response frameworks like SOAR, XDR, or custom security automation platforms. Prior experience in building multi-tenant, content-driven platforms or working with MSSPs. Scripting skills (Python, Bash) or previous hands-on work automating security tasks. Security certifications (e.g., GCIA, GCTI, CISSP) or prior SOC/IR background. Show more Show less