Principal Cybersecurity Detection Engineer – Contract (6+ months) – Vienna, VA (Hybrid) – $70-$75/hr.
The final salary or hourly wage, as applicable, paid to each candidate/applicant for this position is ultimately dependent on a variety of factors, including, but not limited to, the candidate’s/applicant’s qualifications, skills, and level of experience as well as the geographical location of the position.
The end client is unable to sponsor or transfer visas for this position; all parties authorized to work in the US without sponsorship are encouraged to apply.
Our client is seeking aPrincipal Cybersecurity Detection Engineer in Vienna, VA(Hybrid) .
Role Description
Required Skills
- 7+ years core detection engineering: SIEM engineering, SIEM query languages (SPL, KQL, Regex, YARA), telemetry analysis
- AI & Emerging threat security skills: hands on application of AI/ML in SOC workflows, AI threat awareness, AI security frameworks (MITRE ATLAS, OWASP AI security)
- adversary & threat modeling: MITRE ATT&CK, MITEE ATLAS, NIST CSF
- cloud & hybrid security detection: threat detection across cloud platforms (Iaas, Saas & PaaS)
- large scale data & analytics skills
- SOC Engineering
Principal Cybersecurity Detection Engineer – AI-Driven Threats
Role Overview
The Principal Cybersecurity Detection Engineer – AI Driven Threats is a senior individual contributor responsible for advancing the effectiveness and maturity of the Cyber Security Operations Center (CSOC). This role designs, operationalizes, and scales high confidence detection capabilities to address AI enabled threats and related emerging attack techniques.
The position combines deep, hands on detection engineering expertise with applied knowledge of AI security and adversarial techniques. As a principal level individual contributor, this role drives the practical application of AI and emerging technologies within security operations, ensuring measurable improvements in detection fidelity, incident response outcomes, and analyst efficiency.
Key Responsibilities
AI & Emerging Threat Detection
• Serve as the senior technical subject matter expert for AI focused threat detection within the CSOC.
• Design, develop, deploy, and maintain advanced detection content across SIEM and security platforms to identify
AI enabled and emerging attack techniques.
• Engineer high confidence detections using complex query languages and techniques (e.g., SPL, KQL, regex, YARA, macros, lookups) across on premises, hybrid, and cloud environments.
• Continuously evaluate detection coverage and fidelity, tuning or retiring content as adversary tactics, data sources, and operational needs evolve.
• Research emerging AI and advanced technology threats (e.g., prompt injection, model poisoning, adversarial AI, data exposure) and translate them into actionable detection strategies.
• Align detection use cases to industry frameworks such as MITRE ATT&CK, MITRE ATLAS, and NIST CSF.
• Partner with threat intelligence, detection engineering, threat hunting, red team, and architecture teams to proactively strengthen detection capabilities.
• Support proofs of concept and pilots that apply AI to detection engineering and SOC operations, ensuring solutions deliver measurable operational value.
• Mentor and guide senior detection engineers and analysts on AI threat concepts and advanced detection strategies.
• Communicate complex technical findings clearly to technical teams, leadership, and executive stakeholders.
Required Qualifications
• 7+ years of experience in cybersecurity operations, detection engineering, or SIEM engineering in a senior individual contributor role.
• Advanced expertise in detection engineering across the full content lifecycle (design, testing, deployment, tuning, and decommissioning).
• Hands on experience applying AI or machine learning capabilities within SOC or detection workflows.
• Familiarity with AI security frameworks (e.g., MITRE ATLAS, OWASP AI Security).
• Advanced proficiency with SIEM query languages and multi source telemetry across on prem, cloud (IaaS/PaaS/SaaS), and hybrid environments.
• Strong understanding of adversary TTPs, including emerging AI enabled threats.
• Demonstrated ability to analyze large scale log and telemetry datasets to identify threats and detection gaps.
• Strong communication skills, with the ability to present complex technical concepts to both technical and non-technical audiences.
Preferred Qualifications
• Experience leading or contributing to AI focused SOC pilots, automation initiatives, or advanced detection programs.
• Relevant certifications (e.g., CISSP, CySA+, CASP+, CCSP) or comparable credentials.
• Bachelor’s degree in Cybersecurity, Computer Science, Engineering, or a related field.
Benefits/Other Compensation
This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).
Why Hays?
You will be working with a professional recruiter who has intimate knowledge of the industry and market trends. Your Hays recruiter will lead you through a thorough screening process in order to understand your skills, experience, needs, and drivers. You will also get support on resume writing, interview tips, and career planning, so when there’s a position you really want, you’re fully prepared to get it.
Nervous about an upcoming interview? Unsure how to write a new resume?
Visit the Hays Career Advice section to learn top tips to help you stand out from the crowd when job hunting.
Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays’ guiding principles is ‘do the right thing’. We also believe that actions speak louder than words. In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.
In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.
Drug testing may be required; please contact a recruiter for more information.