Senior Cybersecurity Consultant (Advanced Analytics)

Ensign is hiring!

Job Summary:

The consultant will be responsible for analyzing and modeling high-volume cybersecurity data from multiple telemetry sources to develop and deploy AI/ML models to enhance threat detection, streamline response processes, and improve overall cybersecurity effectiveness across client environments.

Key Responsibilities:

  • Collect, normalize, and process cybersecurity data from heterogeneous sources such as logs, sensors, and network devices. Conduct exploratory data analysis (EDA) to understand behavior patterns, detect anomalies, and identify indicators of compromise (IOCs).
  • Design and train machine learning models (supervised/unsupervised) for threat detection, behavior analysis, and anomaly classification.
  • Leverage deep learning architectures (e.g., CNN, LSTM, Transformers) where appropriate for high-dimensional or temporal cyber data.
  • Develop feature engineering pipelines tailored to cybersecurity datasets (e.g., sequence modeling of events, graph-based representations).
  • Deploy models into operational environments, integrating with SOC tools and detection platforms (e.g., SIEM/SOAR).
  • Collaborate with SOC and IR teams to fine-tune models for precision, recall, and low false positive rates.
  • Continuously monitor model performance in live environments and retrain as needed using new data and threat intelligence.
  • Develop automated pipelines for ingestion, model inference, alert generation, and feedback loops.
  • Contribute to the development of analytics-driven cybersecurity tools and products (e.g., automated detection engines, data pipelines, model-as-a-service APIs).
  • Align technical implementations with client infrastructure (on-prem, hybrid, or cloud) and security architecture.
  • Apply DevSecOps practices to scale AI/ML solutions within production environments.

Qualifications:

  • Bachelor’s or Master’s degree in Computer Science, Data Science, Cybersecurity, or a related technical field.
  • 3–5 years of experience in data science or machine learning, with demonstrated application in cybersecurity contexts.
  • Proficient in Python (NumPy, pandas, scikit-learn), and familiar with deep learning frameworks (TensorFlow, PyTorch).
  • Experience working with cybersecurity platforms and data sources (SIEM, e.g., Splunk, Elastic; network traffic data; EDR tools; OT telemetry), together with some understanding of cybersecurity principles, threat modeling, and attacker TTPs (e.g., MITRE ATT&CK), is preferred.
  • Familiarity with cloud platforms (AWS, Azure, GCP) and CI/CD pipelines for ML model deployment.
