Principal AI Engineer
Armis is looking for a few of the very best people in their field to join our A-team of big thinkers, doers, movers, and shakers. This unique opportunity truly offers the best of all worlds—start up culture, enterprise level benefits and security, and top pay for the industry. Got your attention yet? Good, keep reading, it only gets better.
Ok, so what exactly does Armis do?
We are THE Asset Intelligence Cybersecurity Company. Armis specializes in protecting enterprises from the ever-evolving threat landscape. Our innovative platform is designed to discover, monitor, and secure all connected devices within an organization, providing unparalleled visibility and control. With a focus on IoT (Internet of Things) security, Armis is at the forefront of safeguarding businesses against cyber threats.
We See, Protect and Manage all physical and virtual assets, whether they're IT, OT, IoT or medical, from the ground to the cloud. Ensuring that the entire attack surface is both defended and managed in real time.
Location - Canada - Toronto ( REMOTE)
The Principal AI Engineer is an integral part of our Detection Labs organization providing expert knowledge in security best practices, security controls and advanced analysis to our customers. Knowledge in AI and AI Multi-Agent Systems, ML, cyber security products and tools, network principals, security standards, practices and controls as well as adversarial tactics and techniques are key components for success in this role.
Responsibilities:
- Utilize tools and create detections (AI based or known indicators) within client environments matching tactics, techniques or procedures (TTPs) of known threat actors, malware or other unusual or suspicious behaviors.
- Assist building a pipeline to support continuous cyber hunts in support of identifying current and emerging threats on behalf of multiple clients, often operating as a lead investigator.
- Provide, as needed, investigative support of large scale and complex security incidents across multiple clients and support their SOC team through the investigation, recommendations, response, and post mortem efforts.
- Contribute to report findings that will be used by Armis Customer Success teams and help deliver reported findings and recommendations to client audiences.
- Support client and internal reporting & dashboarding customization efforts within the Armis platform, as required.
- Work with internal teams on orchestration & tool based enablement and optimization of team processes supporting overall service delivery.
- Partnering with internal Threat Research on TTPs
- Contribute to the documentation of simple and reusable hunt tactics and techniques for the extended and shifting team delivering threat services.
- Help identify, provide design input, and prioritize product feature requests in support of Armis threat hunting capabilities both from the perspective of the internal service and over-arching consuming organizations.
- Establish & maintain client-specific cyber hunt & continuous threat hunting playbooks.
- Operate as subject matter expert (SME) point of contact for clients during business hours.
Qualifications:
- Bachelor’s Degree in Cybersecurity related field preferred
- 5+ years of Cybersecurity experience
- 2 years experience with AI and multi agent systems
- 3+ years in Machine Learning related to cyber security
- 3+ years experience with Python with Git
- Experience applying machine learning to cybersecurity problems.
- Knowledge of TTPs involved in current APT threats and exploits involving various operating systems, applications and protocols, including working knowledge of the Cyber Kill Chain and MITRE ATT&CK Matrix.
- Experience with securing and hardening IT infrastructure.
- Experience with the threat hunting complete life cycle; developing hunt hypothesis, analyzing and processing intelligence, find trigger, investigation, response and recommendations
- Advanced knowledge of log analysis, PCAP analysis, traffic flow analysis and experience with associated infrastructure and systems to aid in the identification of malware or other malicious behavior.
- Demonstrated or advanced experience with computer networking and operating systems.
- Experience with operational security, including security operations center (SOC), incident response, evidence assessments, malware analysis, or IDS and IPS analysis.
- Knowledge of networking protocols and infrastructure designs; including routing, firewall functionality, host and network intrusion detection systems, encryption, load balancing, and other network protocols.
- Excellent written and verbal communication skills, analytical ability, and the ability to work effectively with peers.
- Ability to both support partner meetings and projects.
The choices you make in your career journey matter. You want to do interesting work in an important field while also having time to live your life, which is why we place so much value in your life-work balance. Armis sets you up for success with comprehensive health benefits, discretionary time off, paid holidays including monthly me days, and a highly inclusive and diverse workplace. Put your unique experiences and perspective to work in an environment where they will enable you to thrive, grow, and live your life with integrity.
Armis is proud to be an equal opportunity employer. We never discriminate based on race, ethnicity, color, ancestry, national origin, religion, sex, sexual orientation, gender identity, age, disability, veteran status, genetic information, marital status or any other legally protected (or not) status. In compliance with federal law, all persons hired will be required to submit satisfactory proof of identity and legal authorization.
Apply for this job
*
indicates a required field