logo

Keeper Security

Senior Machine Learning Engineer, Cybersecurity / Threat Detection

Department
Engineering
Job Type / Location
hybrid
Experience Required
5+ years
Posted On

About the Role

You will tackle one of the most critical challenges in cybersecurity: detecting threats within privileged access sessions with high accuracy and low latency. Privileged accounts are prime targets for attackers, and the ML systems you build will serve as a first line of defense against anomalous and malicious behavior across SSH, RDP, VNC, and database connections. This role focuses on a hybrid detection approach combining vision-language models (VLMs) and domain-adapted ML models. You will work in a Python-based environment processing real-time session data via WebSocket, WebRTC, and protocol-level interfaces. The role is well-suited for engineers who enjoy both research-oriented work (datasets, evaluation, model training) and applied production engineering (inference systems, integration, and optimization).

Responsibilities

  • Design, curate, and maintain datasets for training and evaluating threat detection models
  • Build custom ML models for domain-specific threat classification and risk assessment
  • Engineer and optimize prompts for vision-language models to analyze session behavior
  • Create evaluation frameworks and benchmarks to measure accuracy, robustness, and reliability
  • Develop Python-based inference services within Dockerized environments
  • Integrate AI/ML capabilities with WebSocket, WebRTC, and low-level system interfaces for real-time analysis
  • Write clean, maintainable code and produce clear technical documentation
  • Monitor, troubleshoot, and optimize models in production for performance, scalability, and reliability

Requirements

  • 5+ years of professional experience in machine learning research or development
  • Strong proficiency in Python
  • Hands-on experience with dataset collection, curation, and labeling for ML training
  • Experience designing model evaluation frameworks and performance benchmarks
  • Experience working with vision-language models or large language models (e.g., GPT, Claude, Gemini, Qwen)
  • Familiarity with prompt engineering techniques and LLM frameworks
  • Experience building and deploying ML inference systems using Docker
  • Working knowledge of graph data structures and their practical applications
  • Familiarity with Git-based workflows and model repositories (e.g., Hugging Face)
  • Experience using cloud platforms for ML deployment and inference (AWS, GCP, and/or Azure)
  • Bachelor’s or Master’s degree in Computer Science, Machine Learning, Cybersecurity, or equivalent practical experience
  • U.S. Person status required due to GovCloud involvement

Preferred Qualifications

  • Experience with security, fraud, abuse detection, or anomaly detection systems
  • Familiarity with PAM, identity, or privileged access environments
  • Exposure to AWS Bedrock or similar managed AI services
  • Knowledge of network protocols and low-level system interfaces

View Assessment Process

Think you'll be a good fit?