Senior/Staff/Principal AI/ML Engineer – Threat Detection Engineering

AppGate

AI/ML Engineer developing threat detection algorithms and operationalizing ML systems for security solutions. Work involves identity security and behavioral analytics with advanced technologies.

Posted 5/11/2026full-timeRemote • New York • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies

ApacheCloudKafkaSpark

About the role

Key responsibilities & impact

Your engineering work will directly enable next-generation capabilities, including:
Threat Detection Engine: Build advanced detections to identify threats early, including identity compromise, privilege escalation, impossible travel, and data exfiltration across identity, network, device, and session telemetry.
ML Anomaly Detection: Production models using Isolation Forest, One-Class SVM, and Autoencoder neural networks to surface behavioral outliers that rules miss.
Risk Aggregation & Enforcement: Design/develop accurate and explainable risk scoring systems that continuously normalize and correlate detection signals into dynamic user, device, and session risk scores that directly drive adaptive access enforcement decisions.
Real-Time Detection Pipeline: Build scalable, low-latency streaming pipelines that process ZTNA events in near real time, enabling resilient, high-throughput security analytics.
AI Agent Security: Define and implement security controls for autonomous AI agents, including detection of agent drift, unauthorized resource access, prompt injection attacks, privilege escalation, data leakage, and other emerging threats in Agentic AI systems.
Autonomous Remediation (Roadmap): Leverage agentic AI to automate threat investigation, contextual analysis, and remediation workflows, enabling intelligent containment and response for high-confidence security incidents.
Design and implement detection algorithms spanning authentication, authorization, network/location, data access, session management, and temporal behavioral domains.
Train, evaluate, and deploy ML models on real-world identity and network telemetry; tune for production precision and recall targets.
Architect and operate the detection pipeline — from audit log ingestion through risk aggregation and Risk Sentinel integration.
Define the detection taxonomy — categorizing, prioritizing, and lifecycle-managing the full detection library using a scalable detection family model.
Instrument and improve signal quality — measuring MTTD, false positive rates, and MITRE ATT&CK coverage; partnering with red teams to validate detections against real attack scenarios.
Collaborate cross-functionally with security, product, and platform engineering to align detection coverage with customer threat models and roadmap priorities.

Requirements

What you’ll need

7+ years of production AI/ML engineering experience, with a strong preference for candidates who have built threat detection, UEBA, ITDR, or identity security platforms at leading security or cloud companies.
Detection algorithm expertise: Hands-on experience designing detections for identity-based threats — credential compromise, privilege escalation, insider activity, behavioral anomalies, and data exfiltration.
ML proficiency: Experience building AI-powered security systems using large language models, deep learning, and agentic AI techniques for threat detection, anomaly analysis, contextual investigation, and intelligent remediation.
Data & streaming engineering: Real-time or near-real-time pipeline experience (Kafka, Flink, Spark Streaming, or equivalent); familiarity with lakehouse formats (Apache Iceberg, Parquet).
Security domain knowledge: MITRE ATT&CK, identity threat kill chains, ZTNA or network access control systems, and audit log analysis.
Bonus: Experience with detection-as-code frameworks (Sigma, YARA), ZTNA platforms, LLMs or GNNs applied to security, or publications at USENIX, CCS, NeurIPS, or ICML.
Mindset: Mission-driven, production-focused, signal-obsessed. You measure precision and recall, you eliminate alert fatigue, and you care that your work protects real systems.

Benefits

Comp & perks

🌐 Worldwide ❌ Jobs You've Hidden ⭐️ Saved Jobs ✅ Applied Jobs ✉️ Email Alerts 👤 Account AppGate Website LinkedIn All Job Openings 501 - 1000 employees 🔒 Cybersecurity 🏢 Enterprise Cybersecurity
Enterprise AppGate is a global cybersecurity company that delivers high-performance Zero Trust Network Access (ZTNA) solutions for enterprises and government agencies. Its platform enforces identity-based, adaptive access policies using real-time risk scoring, AI-powered application discovery, and a direct-routed architecture designed to avoid cloud bottlenecks and scale with demanding environments. AppGate also provides professional services and cyber advisory offerings — including adversary simulation, penetration testing, and third-party access risk assessments — to help organizations implement and operationalize Zero Trust controls. Senior/Staff/Principal AI/ML Engineer – Threat Detection Engineering 🔥 5 minutes ago 🗽 New York – Remote ⏰ Full Time 🟠 Senior 🤖 Machine Learning Engineer Apache Cloud Kafka Spark Apply Now Find Hiring Managers Customize resume + cover letter Report problem ☆ Save ☑️ Mark as applied ❌ Hide 📋 Description
Your engineering work will directly enable next-generation capabilities, including:
Threat Detection Engine: Build advanced detections to identify threats early, including identity compromise, privilege escalation, impossible travel, and data exfiltration across identity, network, device, and session telemetry.
ML Anomaly Detection: Production models using Isolation Forest, One-Class SVM, and Autoencoder neural networks to surface behavioral outliers that rules miss.
Risk Aggregation & Enforcement: Design/develop accurate and explainable risk scoring systems that continuously normalize and correlate detection signals into dynamic user, device, and session risk scores that directly drive adaptive access enforcement decisions.
Real-Time Detection Pipeline: Build scalable, low-latency streaming pipelines that process ZTNA events in near real time, enabling resilient, high-throughput security analytics.
AI Agent Security: Define and implement security controls for autonomous AI agents, including detection of agent drift, unauthorized resource access, prompt injection attacks, privilege escalation, data leakage, and other emerging threats in Agentic AI systems.
Autonomous Remediation (Roadmap): Leverage agentic AI to automate threat investigation, contextual analysis, and remediation workflows, enabling intelligent containment and response for high-confidence security incidents.
Design and implement detection algorithms spanning authentication, authorization, network/location, data access, session management, and temporal behavioral domains.
Train, evaluate, and deploy ML models on real-world identity and network telemetry; tune for production precision and recall targets.
Architect and operate the detection pipeline — from audit log ingestion through risk aggregation and Risk Sentinel integration.
Define the detection taxonomy — categorizing, prioritizing, and lifecycle-managing the full detection library using a scalable detection family model.
Instrument and improve signal quality — measuring MTTD, false positive rates, and MITRE ATT&CK coverage; partnering with red teams to validate detections against real attack scenarios.
Collaborate cross-functionally with security, product, and platform engineering to align detection coverage with customer threat models and roadmap priorities. 🎯 Requirements
7+ years of production AI/ML engineering experience, with a strong preference for candidates who have built threat detection, UEBA, ITDR, or identity security platforms at leading security or cloud companies.
Detection algorithm expertise: Hands-on experience designing detections for identity-based threats — credential compromise, privilege escalation, insider activity, behavioral anomalies, and data exfiltration.
ML proficiency: Experience building AI-powered security systems using large language models, deep learning, and agentic AI techniques for threat detection, anomaly analysis, contextual investigation, and intelligent remediation.
Data & streaming engineering: Real-time or near-real-time pipeline experience (Kafka, Flink, Spark Streaming, or equivalent); familiarity with lakehouse formats (Apache Iceberg, Parquet).
Security domain knowledge: MITRE ATT&CK, identity threat kill chains, ZTNA or network access control systems, and audit log analysis.
Bonus: Experience with detection-as-code frameworks (Sigma, YARA), ZTNA platforms, LLMs or GNNs applied to security, or publications at USENIX, CCS, NeurIPS, or ICML.
Mindset: Mission-driven, production-focused, signal-obsessed. You measure precision and recall, you eliminate alert fatigue, and you care that your work protects real systems. Apply Now 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score Similar Jobs Senior Machine Learning Engineer, Trust 🔥 57 minutes ago Airbnb 5001 - 10000 👥 B2C 🛍️ eCommerce Website LinkedIn All Job Openings Senior Machine Learning Engineer developing ML systems to protect users from fraud at Airbnb. Collaborating with cross-functional teams to build impactful machine learning solutions. 🇺🇸 United States – Remote 💵 $200k - $235k / year 💰 Post-IPO Equity on 2020-12 ⏰ Full Time 🟠 Senior 🤖 Machine Learning Engineer 🦅 H1B Visa Sponsor Java Python PyTorch Scala Tensorflow Senior MLOps Engineer 🔥 1 hour ago EBSCO Information Services 1001 - 5000 📚 Education 🤝 B2B ☁️ SaaS Website LinkedIn All Job Openings Senior ML Ops Engineer at EBSCO focusing on designing, building, and maintaining ML pipelines within AWS. Collaborating within a distributed agile environment to support ML workflows. 🇺🇸 United States – Remote 💵 $120.1k - $171.6k / year ⏰ Full Time 🟠 Senior 🤖 Machine Learning Engineer 🦅 H1B Visa Sponsor AWS Docker ETL Jenkins Python PyTorch Scikit-Learn Tensorflow Terraform Senior Manager – Machine Learning 🔥 1 hour ago Kafene 51 - 200 💳 Fintech 🤝 B2B Website LinkedIn All Job Openings Senior Manager of Machine Learning Engineering responsible for designing and deploying ML models for credit risk. Collaborating with cross-functional teams to enhance risk management effectively. 🇺🇸 United States – Remote 💵 $95k - $140k / year 💰 $15M Debt Financing - Kafene on 2024-01 ⏰ Full Time 🟠 Senior 🤖 Machine Learning Engineer 🦅 H1B Visa Sponsor Python SQL Senior Machine Learning Engineer 🔥 1 hour ago Knowmadics 51 - 200 🔒 Cybersecurity 🏛️ Government ☁️ SaaS Website LinkedIn All Job Openings Machine Learning Engineer building machine learning solutions for space and critical infrastructure defense. Involves pipeline design, optimization, and collaboration with cross-functional teams. 🇺🇸 United States – Remote ⏰ Full Time 🟠 Senior 🤖 Machine Learning Engineer ETL Kafka Python PyTorch Spark Senior Product Manager, Modeling & Machine Learning Operations 🔥 5 hours ago Zeta Global 1001 - 5000 ☁️ SaaS 🤖 Artificial Intelligence 🤝 B2B Website LinkedIn All Job Openings Senior Product Manager at Zeta Global leading Machine Learning Operations initiatives and developing retail-specific models. Empowering marketers with user-friendly tools for Machine Learning. 🇺🇸 United States – Remote 💵 $150k - $190k / year 💰 Post-IPO Debt on 2024-09 ⏰ Full Time 🟠 Senior 🤖 Machine Learning Engineer 🦅 H1B Visa Sponsor View More Machine Learning Engineer Jobs 🌐 Worldwide Built by Lior Neu-ner. I'd love to hear your feedback — Get in touch via DM or support@remoterocketship.com Search Search Jobs by country Search jobs by city Search jobs by job title Search entry-level jobs Search junior-level jobs Search senior-level jobs Search jobs by tech stack Search jobs by contract type Search remote internships Search remote part-time jobs Remote jobs Anywhere in the World Companies Hiring Anywhere in the World Companies Hiring Sales People Anywhere in the World Companies Hiring Software Engineers Anywhere in the World Resources Advice Tips for finding remote jobs Interview questions and answers Resume examples Cover letter examples Post a job Affiliates Privacy policy Terms of service Job board SEO course AI Apply Copilot OpenClaw job finder Jobs by Country Remote jobs anywhere in the world (Worldwide remote jobs) Remote jobs United States Remote jobs Australia Remote jobs Brazil Remote jobs Canada Remote jobs France Remote jobs Ireland Remote jobs Germany Remote jobs Netherlands Remote jobs Spain Remote jobs UK Popular Jobs Remote data analyst jobs Remote customer support jobs Remote executive assistant jobs Remote marketing jobs Remote product designer jobs Remote product manager jobs Remote project manager jobs Remote recruiter jobs Remote sales jobs Remote software engineer jobs Jobs by Type Remote full-time jobs Remote part-time jobs Remote contract jobs Remote internship jobs Remote entry-level jobs Remote jobs with no experience required Remote junior jobs (1-3 years of experience) Digital nomad jobs Remote jobs with no degree required Freelance remote jobs Temporary remote jobs Remote jobs hiring now Stay at home mom jobs

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

AI engineeringML engineeringthreat detectionanomaly detectiondetection algorithmsdata exfiltrationreal-time pipelinestreaming engineeringlarge language modelsdeep learning

Soft Skills

mission-drivenproduction-focusedsignal-obsessed