
Senior Staff Engineer (AI Developer SOC Automation)
Nagarro
Location
Mumbai City, Maharashtra, India
Type
Full time
Company Description
We're Nagarro, a Digital Product Engineering company scaling globally. We build products, services, and experiences that inspire, excite, and delight. We work at scale across all devices and digital mediums, with 18,500+ experts across 40 countries. Our work culture is dynamic and non-hierarchical.
Requirements
Experience
- 7.5+ years in software engineering, AI/ML development, or automation engineering
- Hands-on experience building AI/ML solutions
Programming & AI/ML
- Strong Python expertise with AI/ML libraries: Pandas, NumPy, Scikit-learn, PyTorch, or TensorFlow
- Hands-on experience developing AI-powered automation using Large Language Models (LLMs), Azure OpenAI, OpenAI APIs, and prompt engineering techniques
- Experience designing and implementing Retrieval-Augmented Generation (RAG) solutions for enterprise AI applications
Cloud & Infrastructure
- Strong knowledge of Microsoft Azure services: Azure Machine Learning, Azure Functions, Logic Apps, Azure Event Hub, and Microsoft Sentinel
- Familiarity with AWS and Google Cloud Platform
- Knowledge of Google Cloud services including Security Command Center, Pub/Sub, and BigQuery is an advantage
- Working knowledge of Git, Docker, CI/CD pipelines, containerization, and modern software development practices
API & Integration Development
- Experience developing REST APIs and microservices using FastAPI or Flask
- Hands-on experience integrating AI solutions with SIEM, SOAR, security monitoring, and ticketing platforms
Security & Threat Intelligence
- Good understanding of cybersecurity fundamentals: SIEM concepts, security monitoring, attack patterns, threat detection, MITRE ATT&CK framework, and log analysis
- Experience building AI-powered alert automation, incident response workflows, and threat intelligence solutions
- Experience with Azure Sentinel Analytics Rules, Playbooks, Workbooks, or similar security automation capabilities is preferred
- Familiarity with SOAR platforms such as Microsoft Sentinel SOAR, LogRhythm SIEM, or equivalent security orchestration solutions
- Understanding of on-premises SIEM platforms and enterprise log aggregation tools is an added advantage
AI Frameworks & Databases
- Experience using LLM orchestration frameworks such as LangChain, Semantic Kernel, or equivalent AI frameworks is desirable
- Familiarity with Azure AI Search (Cognitive Search), vector databases, and semantic search capabilities is preferred
Soft Skills & Education
- Strong analytical, troubleshooting, and problem-solving skills with the ability to build scalable AI-powered security automation solutions
- Excellent communication and collaboration skills with experience working in Agile and cross-functional engineering teams
- Bachelor's degree in Computer Science, Information Technology, Engineering, MCA, or a related discipline
- Professional certifications such as Microsoft SC-200, AZ-900, CEH, CompTIA Security+, or equivalent cloud and cybersecurity certifications are desirable
Responsibilities
Design & Development
- Design, develop, and maintain AI-powered automation solutions to enhance Security Operations Center (SOC) workflows, including alert classification, anomaly detection, threat prioritization, and incident response
- Build AI-powered security agents and bots that automate alert triage, investigation, and remediation processes
- Develop and fine-tune NLP and machine learning models for log parsing, alert summarization, phishing detection, Indicator of Compromise (IOC) extraction, and threat intelligence analysis
Feature Engineering & Data Processing
- Design and implement feature engineering pipelines to process security telemetry from cloud and on-premises monitoring platforms, including Microsoft Sentinel, GCP Security Command Center, Trend Micro XDR, and SIEM solutions
- Consume, normalize, and process event streams from Azure Event Hub, GCP Pub/Sub, cloud platforms, and on-premises log sources
RAG & LLM Optimization
- Build and optimize Retrieval-Augmented Generation (RAG) pipelines that leverage enterprise threat intelligence repositories, knowledge bases, and security playbooks
- Develop, evaluate, and optimize LLM-powered security use cases through prompt engineering, model evaluation, and continuous performance improvement
Automation & Integration
- Develop Azure Functions, Logic Apps, and Python-based automation to streamline alert enrichment, incident routing, notification workflows, and security operations
- Build and maintain integrations with SIEM, SOAR, ticketing, monitoring, and security platforms using REST APIs, FastAPI, and custom connectors
- Integrate AI-generated insights with incident management systems to automate ticket creation, prioritization, and status tracking
- Develop Python-based APIs and microservices to expose AI capabilities for enterprise security applications
Quality Assurance & Maintenance
- Develop unit and integration tests and participate in peer code reviews to ensure secure, scalable, and high-quality software delivery
- Monitor AI model performance, detect model drift, maintain dashboards, and continuously improve model accuracy using MLOps best practices
- Maintain CI/CD pipelines for AI model deployment, automation releases, and infrastructure updates
Documentation & Collaboration
- Prepare technical documentation including API specifications, architecture diagrams, deployment guides, operational runbooks, and data models
- Collaborate closely with SOC analysts, cybersecurity engineers, cloud teams, DevOps engineers, and data scientists to continuously improve AI-driven security automation
Qualifications
- Bachelor's or master's degree in Computer Science, Information Technology, or a related field
Service Region
South Asia
