PRINCIPAL AI ENGINEER - AGENTIC CYBER SYSTEMS

Role Summary

We are seeking a hands-on Principal AI Engineer to design, build and help productionise agentic AI systems for cybersecurity use cases.

This is an AI engineering role applied to cybersecurity. The role will define and build the agentic AI harness, control plane, model evaluation framework, AI-to-system interface layer, memory and knowledge architecture, guardrails, observability model and production standards needed to deploy AI agents safely across cyber functions.

Cybersecurity knowledge is useful, but not the primary requirement. The core requirement is deep experience building production-grade LLM, agentic AI, ML, automation or platform systems. Cyber domain expertise will be provided by SOC, incident response, vulnerability management, AppSec, cloud security, IAM, GRC, threat intelligence, red-team and security engineering SMEs.

The candidate should also have prior experience operating or supporting production systems, so they can design systems that are reliable, observable, auditable, recoverable and supportable. Day-to-day operations may sit with a separate AI platform, engineering or operations team.

Scope of Role

The role will support agentic AI capabilities across cybersecurity, including security operations, incident response, threat intelligence, detection engineering, vulnerability management, application security, cloud security, identity and access management, GRC, control testing, red teaming, purple teaming, security engineering, email security, data security and executive cyber reporting.

The role is expected to turn AI agents and frontier models from isolated experiments into safe, reusable and measurable operational capabilities.

Required Experience

1.         Strong hands-on experience building production-grade LLM, agentic AI, ML, automation or platform systems.

2.         Deep understanding of agent architecture, orchestration frameworks, tool calling, memory design, RAG, model routing and multi-agent workflows.

3.         Experience with frontier models, open-source models or both, including evaluation, benchmarking and model comparison.

4.         Strong software engineering background, including Python, APIs, backend services, cloud platforms, containers, CI/CD, authentication, logging and production observability.

5.         Experience integrating AI systems with enterprise APIs, identity systems, data platforms, workflow engines, ticketing systems, code repositories and operational tools.

6.         Prior experience operating or supporting production systems, including monitoring, alerting, incident response, rollback, release management, access control, cost management and post-incident review.

7.         Practical understanding of production failure modes such as model drift, prompt regressions, broken tool calls, API failures, retrieval errors, permission issues, latency problems, data quality gaps, cost spikes and unsafe outputs.

8.         Practical understanding of AI safety risks, including hallucination, prompt injection, insecure tool use, excessive agency, sensitive data leakage, memory poisoning, adversarial manipulation and unsafe autonomous behaviour.

9.         Experience designing human-in-the-loop workflows for high-risk, regulated or security-sensitive environments.

10.   Ability to design for operational handover, including runbooks, support models, service ownership, observability, change control and measurable service health.

Preferred Experience

1.         Experience building AI agents for software engineering, code review, test generation, vulnerability discovery, workflow automation or enterprise operations.

2.         Experience with LangGraph, AutoGen, CrewAI, Semantic Kernel, AgentSea, OpenAI Agents SDK, MCP, vector databases, graph databases or similar agentic AI tooling.

3.         Experience with RAG pipelines, knowledge graphs, structured retrieval, event schemas, data contracts and context engineering.

4.         Experience with secure connector patterns, permission boundaries, service accounts, API gateways, immutable audit logging and tool mediation.

5.         Experience with AI red teaming, model evaluation, AI governance, secure-by-design AI or regulated-sector AI deployment.

6.         Experience designing or operating simulation environments, cyber ranges, replay systems, benchmark suites or adversarial test harnesses.

7.         Exposure to cybersecurity, AppSec, cloud security, DevSecOps, vulnerability management, SOC operations, incident response, threat intelligence, GRC or offensive security testing.

Cybersecurity Knowledge

Cybersecurity knowledge is a bonus, not the core requirement.

The candidate does not need to be a SOC analyst, incident responder, penetration tester or security architect. However, they should be able to learn cyber workflows quickly, work closely with cyber SMEs and understand enough about security tools, vulnerabilities, logs, identity, cloud, code, tickets, and incidents to build safe AI systems around them.

Initial Deliverables

Within the first 6 to 9 months, the role is expected to help deliver:

1. Agentic AI reference architecture
   A clear architecture covering models, orchestration, memory, tool access, data flows, logging, approvals, evaluation, deployment, and governance. 
2. Cyber agent control plane prototype
   A working harness that can run bounded cyber agents with controlled tool access, human approvals, audit trails and defined autonomy levels. 
3. Tool interface and mediation layer
   Initial controlled connectors to selected enterprise and cyber systems, with scoped credentials, read/write boundaries, logging, error handling and approval gates. 
4. Agent identity and access model
   A defined approach for agent identities, sub-agent identities, scoped credentials, just-in-time access, secrets handling and approval-bound permissions. 
5. Cyber knowledge and memory prototype
   A working context layer using selected cyber data sources such as assets, vulnerabilities, alerts, incidents, playbooks, code repositories or tickets. 
6. Evidence and source-trust model
   A repeatable approach for grounding agent outputs in traceable evidence, with source references, confidence indicators, freshness checks and trust boundaries. 
7. Model evaluation framework
   A repeatable way to test frontier and open-source models against cyber-relevant tasks before operational use. 
8. Simulation and replay environment
   A controlled environment for testing agents against synthetic cases, historical incidents, vulnerable code, cloud scenarios or red-team workflows. 
9. Initial production pilots
   Two to three bounded pilots, such as secure code review, alert enrichment, threat intelligence summarisation, incident report drafting, vulnerability triage or GRC evidence collection. 
10. AI safety and operating guardrails
    A practical control model covering data access, prompt injection risk, tool permissions, autonomy levels, approvals, escalation, rollback and prohibited actions. 
11. Production handover model
    Runbooks, service ownership model, monitoring requirements, alerting thresholds, rollback approach, cost-control model, access review process and post-incident review process. 
12. Reusable build standards
    Templates, coding standards, prompt standards, evaluation standards, connector standards and deployment patterns so future agents can be built consistently.