[Remote] Principal ML/AI Threat Engineer

Note: The job is a remote job and is open to candidates in USA. DNSFilter is a rapidly growing company dedicated to creating a safer internet through innovative network security solutions. They are seeking a Principal ML/AI Threat Engineer to design and deliver scalable, real-time threat intelligence systems utilizing AI-driven models to enhance threat detection and response capabilities.

Responsibilities
• Design and maintain clustering frameworks to group and categorize malicious network indicators/assets at scale
• Analyze threat actor patterns and continuously evaluate cluster stability for adversarial drift, refining models for adaptation and resilience
• Identify persistent adversary fingerprints in DNS and convert them into functional products by building, training, and architecting performant AI/ML models at scale, utilizing hybrid detection and mitigation layers
• Build systems for scaled analytical decision-making, training, branching, drift detection, and recognizing real-world threats. Integrate feedback and balance adaptability with precision to eliminate false-positive amplification
• Develop infrastructure-linking methodologies, partner with researchers to validate attribution hypotheses, and implement informed confidence scoring
• Deliver production services with clear SLAs/SLOs, explainability, confidence metrics, monitoring, and observability, ensuring compatibility with DNSFilter’s vision and tech stack
• Present at security conferences, specifically ISAC

Skills
• 10+ total years across the fields of AI engineering, applied ML, detection engineering, threat research, or threat intelligence automation
• Experience building production AI/ML systems operating on high-volume telemetry
• Strong background in: Statistical analysis, Clustering methods, and Feature engineering at scale
• Deep understanding of adversarial tradecraft as observed in DNS or network data
• Strong Python proficiency, cloud architectures, and experience with distributed processing systems
• Experience designing technical systems independently at the principal scope
• Ability to work hours overlapping with Eastern Time
• Must be eligible to work in your region of hire without sponsorship from an employer now and/or in the future
• Direct experience with passive DNS or resolver telemetry
• Examples of hands-on work that has led to measurable outcomes
• Experience building network-based risk and/or confidence scoring mechanisms
• Familiarity with modern AI-engineering techniques and adaptive model strategies
• Background in cybersecurity, particularly nation-state APTs, major cyber groups, and threat actor automation
• Experience building explainable detection systems for customer-facing products

Benefits
• Pathway to promotion to additional organizational positions and responsibilities based upon results and performance, not just time in the chair. You help us grow, and we will help you grow.
• Passionate and intelligent colleagues who work hard and have a good time doing it
• Paid company-wide week off at the end of each year
• Flexible Vacation Policy
• Awesome company swag
• Full medical, dental, and vision benefits for US, UK, and Canada-based employees
• Full short-term disability and life benefits; available long-term disability
• Retirement savings account options with vested company matching for qualifying employees
• In-person annual gatherings. Last time we all spent a week on a beach in the Dominican Republic!

Company Overview
• DNSFilter provides security via DNS that protects over 4M end users from online security threats using artificial intelligence. It was founded in 2015, and is headquartered in Washington, District of Columbia, USA, with a workforce of 51-200 employees. Its website is https://dnsfilter.com.

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!