What Success Looks Like In This Role
The Sr. Manager, Detection & Response (AI SOC) leads the integration of AI and machine learning into DNR operations, overseeing threat detection, investigations, and team performance. This role focuses on strategic AI enhancements to SOC processes, ensuring proactive defense against evolving threats in enterprise environments.
Key Responsibilities
- Lead AI-Enhanced SOC Operations:
- Design and oversee AI-driven frameworks for anomaly detection, predictive analytics, and automated responses using tools like AI-integrated SIEM, EDR, and IDS.
- Translate threat intelligence (e.g., MITRE ATT&CK) and AI insights into actionable detection strategies.
- Optimize AI models to reduce false positives, improve alert fidelity, and minimize analyst fatigue.
- Manage Advanced Investigations and Threat Hunting:
- Oversee Tier1/2 investigations with AI-assisted root cause analysis, malware detection, and remediation recommendations.
- Direct AI-powered proactive hunting across network, endpoint, and cloud environments to uncover hidden threats.
- Collaborate with IR teams to integrate findings into detection improvements.
- Oversee Internal Teams:
- Ensure compliance with security policies and standards; provide feedback on deployments and tuning.
- Review alerts and drive continuous improvements in driven capabilities.
- Drive AI Automation and Tooling:
- Lead development of scripts and tools (e.g., Python) for streamlined operations and data integration.
- Build and troubleshoot playbooks in SOAR platforms to automate responses and boost efficiency.
- Documentation, Team Leadership, and Improvement:
- Maintain documentation for AI logic, procedures, and findings.
- Stay current on AI security trends; mentor teams to foster innovation.
- Promote continuous learning and adaptation to threat landscapes.
You will be successful in this role if you have:
Required Qualifications
- Experience: 7-10 years in security operations, with 3-5 years in leadership roles (SOC, Forensics, or IR), including AI integration.
- Technical Proficiency:
- Expertise in AI-enhanced SIEM (e.g., PA, Google SecOps) for analysis, rule creation, and dashboards.
- Knowledge of EDR/IDS/IPS and AI/ML frameworks.
- Proficiency in Python, PowerShell, TensorFlow/PyTorch for automation.
- Understanding of network security, traffic analysis, and threat frameworks (e.g., MITRE ATT&CK).
- Leadership Skills: Proven in team management, budgeting, and strategic AI initiatives. Exceptional analytical and problem-solving abilities under pressure.
- Communication: Strong skills for reporting, documentation, and cross-functional collaboration.
Preferred Qualifications
- Google SecOps and AI tools experience.
- Digital forensics and AI orchestration.
- Detection-as-Code, Git/CI/CD for AI management.
- Certifications: SANS, Offensive Security, AI/ML (e.g., Google ML Engineer).
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
Local employment practices and rights may vary by jurisdiction and are subject to applicable local laws. This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers.
If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at [Confidential Information]. US job seekers can find more information about Unisys EEO commitment here.
