Detection & Response Engineer (AI Security)
Job Description:
Location: Remote
Contract Duration: 6 months (with possibility of extension)
Contract details: B2B / PFA or SRL
Role Overview
We are looking for a Detection & Response Engineer to establish operational security visibility and enable rapid response to security incidents impacting AI-driven services and agentic platforms.
This role focuses on building effective security telemetry, high-confidence detections, and incident response capabilities, ensuring the Security Operations Center (SOC) can quickly detect, investigate, and respond to threats from day one.
Key Responsibilities
- Ensure end-to-end security telemetry coverage across solution components and AI platforms, integrating relevant logs, events, and signals into the SIEM (e.g. Splunk, Google Chronicle / SecOps).
- Design and deliver high-confidence detection use cases to identify misuse, compromise, or anomalous behavior affecting:
  - AI agents and orchestration components
  - APIs and service-to-service communication
  - data flows and platform integrations
- Develop, test, and maintain incident response playbooks tailored to AI-driven services, supporting rapid containment and recovery.
- Enable the SOC with:
  - actionable and prioritized alerts
  - clear response workflows
  - operational guidance for AI-related incidents
- Continuously improve detection and response effectiveness, reducing mean time to detect (MTTD) and mean time to respond (MTTR).
- Ensure all activities comply with project confidentiality requirements, including adherence to the project NDA.
Required Skills & Experience
- Proven experience in Detection Engineering, Incident Response, or SOC Engineering roles
- Hands-on experience working with SIEM platforms (e.g. Splunk, Google Chronicle / SecOps)
- Strong understanding of security telemetry, logging strategies, and alert design
- Experience developing and validating incident response playbooks
- Good understanding of modern, cloud-based and distributed systems
- Ability to analyze anomalous behavior across APIs, services, and data flows
Nice-to-Have
- Experience with AI-enabled or agent-based platforms
- Familiarity with SOAR tooling and automated response workflows
- Experience supporting production security operations in complex environments
Required Skills:
Security