Cybersecurity AI/ML Engineer

Booz Allen HamiltonMcLean, VA
$77,600 - $176,000Remote

About The Position

As a Cybersecurity AI/ML Engineer, you will operate as a hands-on technical contributor and engineering leader responsible for building, scaling, and operationalizing AI/ML systems that power Booz Allen's Cyber Operations teams. This role emphasizes production engineering and platform delivery, turning models, security telemetry, and analyst workflows into reliable, low-latency, observable services and pipelines that measurably improve prevention, detection, response, and recovery outcomes. You will bridge ML engineering and security operations by translating models, threat models, and analyst needs into production-grade data and feature pipelines, training systems, inference services, and monitoring frameworks deployed across cloud, network, endpoint, identity, and application telemetry domains. You will originate, facilitate, and lead cross-functional efforts to mature AI-enabled cybersecurity capabilities, including real-time detection inference at scale, alert triage automation, LLM and agentic analyst tooling, and SOC platform integrations while guiding teams through MLSecOps, secure-AI engineering, and responsible AI practices. Perform code and architecture reviews, provide technical direction for complex ML systems initiatives, including SIEM, SOAR, and EDR ML integrations, cloud-native ML platforms for security, and GenAI services for analysts, and translate requirements into actionable, measurable implementation plans. Leverage strong software engineering, systems, and communication skills to assess complex security and platform problems, align technical and non-technical stakeholders, and drive decisions to closure in support of Booz Allen Hamilton's critical enterprise infrastructure, go-to-market platforms, and mission operations. The ideal candidate for our Enterprise Cybersecurity team is technically inclined, intellectually curious, and adaptable, with a strong cyber-defense mindset. They thrive in a fast-paced, dynamic environment and are continuous learners who actively seek to understand complex challenges, ask thoughtful questions, and look beyond the obvious to identify innovative and effective ways of working. They bring a security-first perspective, analytical problem-solving skills, and the curiosity and aptitude to continuously evolve as threats, technologies, and mission needs change.

Requirements

  • 3+ years of experience in machine learning engineering, software engineering for ML, or applied AI platform development
  • Experience building and operating production ML systems including cybersecurity or security operations
  • Experience developing, testing, and integrating ML services across security tools and platforms using APIs, automation, and workflow orchestration and applying AI and machine learning to cybersecurity use cases such as threat and anomaly detection, behavioral analytics, alert triage and prioritization, threat hunting support, analyst copilots, and response automation with measurable impact on SOC outcomes
  • Experience software engineering in Python for ML and security use cases, including production-quality code, design patterns, unit and integration testing, packaging, version control, CI/CD, Docker containerization, and container orchestration including Kubernetes
  • Experience working with the modern AI/ML stack, including PyTorch or TensorFlow, scikit-learn, Hugging Face, LangChain/LlamaIndex, agent frameworks, model serving frameworks, KServe, BentoML, Triton, Ray Serve, embedding-based retrieval, and vector databases such as pgvector, OpenSearch, Pinecone, and Milvus
  • Experience operationalizing AI/ML systems or MLOps, model versioning, experiment tracking, feature stores, evaluation harnesses, drift and quality monitoring, and CI/CD for models such as MLflow, Weights & Biases, SageMaker, Vertex AI, Azure ML, and Kubeflow
  • Knowledge of secure AI implementation practices and frameworks including model and data protection, prompt and inference risk, agent guardrails, evaluation against adversarial inputs, ML supply chain security, and governance controls aligned to NIST AI RMF, OWASP LLM Top 10, and MITRE ATLAS
  • Knowledge of modern cybersecurity threats and attack patterns, including ransomware, insider threats, credential abuse, data exfiltration, and AI-enabled attack techniques such as prompt injection, model evasion, data poisoning, and model theft
  • Ability to obtain a Secret clearance
  • Bachelor's degree

Nice To Haves

  • Experience with programming or scripting languages used in ML, security, and automation environments such as Python, Go, Rust, SQL, PowerShell, and Bash
  • Experience designing, deploying, and maintaining enterprise-scale ML and security systems for sensitive or regulated environments including FedRAMP, IL4, IL5, HIPAA, and PCI
  • Experience designing and building agentic AI systems for security operations, multi-step reasoning, tool and function calling, retrieval pipelines, and human-in-the-loop workflows
  • Experience fine-tuning, distilling, quantizing, or serving LLMs and other models for domain-specific security tasks, including automated eval harnesses and red-teaming AI systems
  • Experience evaluating and integrating AI-enabled cybersecurity tooling such as AI-assisted SIEM, SOAR, UEBA, behavioral analytics, model-driven detection workflows into enterprise security operations via APIs and event-driven architectures
  • Experience designing and implementing AI/ML services and pipelines over enterprise security telemetry spanning network, endpoint, application, identity, and cloud environments
  • Knowledge of AI governance, model risk management, and policy controls aligned to enterprise and regulatory expectations for responsible AI use
  • Knowledge of data governance frameworks, data classification standards, and privacy regulations such as GDPR and CCPA
  • Knowledge of distributed data and streaming platforms, including Kafka, Kinesis, Spark, and Flink, database structures, data modeling fundamentals, and query optimization, including SQL and NoSQL
  • IT Engineering, ML, or Security Certifications such as AWS, GCP, Azure ML Engineer, CKAD, CKA, CISSP, CCSP, CDPSE, cloud security Certifications, or AI security Certifications such as ISC2 CAISS or IAPP AIGP Certification

Responsibilities

  • Design, build, and deploy production AI/ML services for cybersecurity, including supervised and unsupervised detection models, anomaly and behavioral analytics, NLP on security text, retrieval-augmented generation (RAG) pipelines, agentic workflows, and LLM-assisted analyst tooling and own them end-to-end, data ingest → feature pipelines → training and tuning → packaging → deployment → serving → monitoring → retraining.
  • Engineer scalable batch and streaming data and feature pipelines over security telemetry including logs, EDR, network, identity, cloud, and threat intel with online and offline parity, feature stores, schema and contract management, and reproducible datasets that power detection, triage, and hunting use cases.
  • Build, harden, and operate ML platforms and inference services, including low-latency real-time scoring, batch inference, model packaging and containerization, autoscaling, canary and shadow deployments, observability, and rollback, to meet SOC throughput, latency, and reliability SLOs.
  • Apply secure-AI and MLSecOps engineering practices throughout the AI/ML lifecycle, including model and data protection, prompt and inference risk mitigation, evaluation against adversarial inputs such as evasion, poisoning, and prompt injection, model and dataset supply chain security, and responsible AI controls.
  • Integrate ML services and analytics into security tools and workflows such as SIEM, SOAR, EDR, IAM, or CSPM via APIs and event-driven architectures extending detection logic, enrichment, and response playbooks with custom ML/LLM capabilities where commercial tooling falls short.
  • Develop automation, scripting, and infrastructure-as-code (IaC) to enable repeatable, testable, and version-controlled ML pipelines, model deployments, and security data integrations across cloud and on-prem environments.
  • Collaborate across data science, platform, data, threat intelligence, and SOC operations teams to deliver end-to-end solutions, embed ML practices into DevSecOps and MLSecOps pipelines, and drive implementation through measurable operational outcomes.

Benefits

  • health, life, disability, financial, and retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service