Lead Engineer, Cyber Security Counter Threat Management

Royal Caribbean Cruises LtdMiami, FL
Onsite

About The Position

Royal Caribbean Group is seeking a full-time Lead Engineer, Cybersecurity Counter Threat Management to join their Global Information Security Team. This role reports to the Senior Manager, Cybersecurity Counter Threat Management and is based onsite in Miramar, Florida. The position focuses on architecting, building, and operating AI-driven automation solutions to enhance security defense capabilities, working at the intersection of AI/ML, security engineering, and DevSecOps to reduce manual work, accelerate threat response, and strengthen the enterprise security posture. The position is not eligible for work authorization sponsorship.

Requirements

  • 6+ years in software, cybersecurity and/or automation engineering
  • 2+ years working hands-on with AI/LLM systems in production
  • Expert-level proficiency in Python and/or Node.js for building scalable integrations and automation
  • Proven experience designing with LLM APIs (Anthropic, OpenAI, AWS Bedrock) and agentic frameworks (LangChain, Mastra, CrewAI, or similar) in enterprise environments
  • Deep hands-on experience with security platforms (SIEM/SOAR, EDR, firewalls, ticketing) and their APIs
  • Strong understanding of REST APIs, MCP servers, event-driven architectures, and message queuing
  • Solid grasp of core security domains: MITRE ATT&CK, threat intelligence, IAM, vulnerability management, and incident response lifecycle
  • Experience securing AI/LLM systems against prompt injection, model abuse, and data leakage
  • Familiarity with Splunk SPL, KQL, or similar query languages at scale

Nice To Haves

  • Security certifications (CySA+, CISSP, AWS Security Specialty, OSCP)
  • Background in red team, threat hunting, or detection engineering
  • Prior experience in a SOC, MSSP, or enterprise security operations environment

Responsibilities

  • Architect and deploy AI-powered automation workflows for security use cases including threat detection, incident response, vulnerability triage, and compliance monitoring
  • Build and maintain production-grade AI agents and orchestration pipelines that integrate deeply with security tooling (SIEM, EDR, SOAR, firewalls, identity platforms)
  • Lead development of LLM-based solutions for log analysis, alert enrichment, and natural language querying of security data
  • Own end-to-end integrations with platforms such as CrowdStrike, Splunk, ServiceNow, and cloud security services
  • Act as a technical SME for SOC analysts and incident responders — identifying high-value automation opportunities, owning delivery, and measuring impact on MTTR
  • Define and enforce standards for AI automation security: least privilege, secrets management, audit logging, and prompt injection controls
  • Evaluate emerging AI models, agentic frameworks, and cybersecurity tooling — translating them into actionable capability roadmap items
  • Mentor junior engineers and provide technical guidance across cross-functional security and engineering teams

Benefits

  • Competitive compensation and benefits package
  • Excellent career development opportunities
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service