Design, develop, and deploy AI-enhanced detections and automations within the SIEM/SOAR platform to improve signal-to-noise ratio and reduce alert fatigue.
Engineer and optimize SIEM pipelines using AI/ML techniques for anomaly detection, behavioral analytics, and threat correlation.
Integrate SIEM with security tools and data sources to build a context-rich, intelligence-driven monitoring ecosystem.
Develop and implement AI-assisted threat detection models, including user/entity behavior analytics (UEBA) and predictive analytics.
Collaborate with cyber defense operations to identify emerging threats and capability gaps, leveraging AI to proactively strengthen defenses.
Build and maintain automated response orchestration and intelligent playbooks that adapt based on threat context.
Design automation for alert enrichment, triage, and response using both rule-based and AI-assisted decisioning frameworks.
Partner with IT and engineering teams to ensure comprehensive telemetry collection and high-quality data pipelines.
Continuously improve SIEM engineering practices, including data normalization, enrichment strategies, and AI model tuning.
Support SOC operations by enhancing detection engineering, incident response workflows, and operational metrics through AI augmentation.
Requirements
Bachelor's degree in computer science, Information Security, or a related field.
4-6+ years of experience in cybersecurity engineering, SOC engineering, or insider threat.
Demonstrated expertise in SIEM engineering and security monitoring at scale.
Experience integrating or developing AI/ML capabilities within security operations or detection engineering.
Strong understanding of the Microsoft security stack (e.g., Sentinel, Defender suite).
Proficiency with automation tooling and scripting languages (KQL, Python, PowerShell).
Proficiency in API development with the goal of integrating security tooling.
Familiarity with various log ingestion methodologies into a SIEM environment.
Experience in multi-tenant or MSP-like environments is a plus.
Highly motivated self-starter who thrives on positively influencing the environment.
Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
Benefits & Perks:
Company-Paid Lunch Stipend: Lunch is provided via GrubHub.
Company-Paid Benefits: 100% Employer-Paid Medical in our High Deductible Health Plan, Dental and Vision benefits for employees and their families, 16 weeks of Paid P
Benefits
Health insurance
Dental insurance
Vision insurance
Additional Information
The Company
NorthMark Strategies is a leading investment firm, combining capital, innovation, and engineering to drive long-term value. From operating complex businesses to backing breakthrough technologies, our mission is to build enduring businesses. Our team combines intelligent risk-taking, operational excellence, exceptional talent, and world-class computing capacity to create shareholder value.
Our company offers a dynamic environment where individuals have the freedom to lead companies toward bold achievements by embracing innovation, leveraging technology, and fostering differentiated business strategies. Our values are Integrity, Ability, and Energy, and the company aims to hire individuals who possess those qualities.
At NorthMark Strategies, we believe the future isn't something to hope for; it's something to build. We don't just invest, we create, bringing together strategic insight and technical horsepower to deliver outcomes that endure.
The Position
The Cyber Defense Engineer - SIEM reports to the Director of Cyber Defense and operates within the Office of the CISO. This role is responsible for architecting, developing, and implementing advanced security solutions that enhance cyber defense investigations and incident response capabilities.
This position places a strong emphasis on AI-driven security engineering, including the development of intelligent detection systems, automation pipelines, and data-driven defense mechanisms. The ideal candidate will combine deep expertise in the Microsoft security ecosystem with experience leveraging artificial intelligence and machine learning to improve SIEM/SOAR performance, detection fidelity, and operational efficiency.
You will collaborate across IT and security teams to design scalable logging, enrichment, and response architectures, while continuously advancing the organization's AI-enabled SIEM engineering maturity.