Project Overview:

We are seeking a skilled Cybersecurity AI Trainer to work as a project consultant in our AI Labor Marketplace. This is not a full-time employment position - you will be engaged as an expert project consultant on a contract basis.

Location: U.S.-based experts only

Engagement: Part-time, project-based expert evaluation work

Work Type: Remote

We’re collaborating on a research initiative to improve how AI systems support Microsoft security analysts. The goal is to evaluate and enhance AI-assisted detections across Sentinel, Entra ID and Microsoft 365 by combining expert human judgement with structured evaluation methods. Your insights as a detection engineer or threat hunter will help shape the next generation of AI-driven threat detection and triage tools.

This is a project-based consultant role. Consultants will be paid on a per-project basis; hourly rates are estimates based upon anticipated time of completion. Consultants will control their own schedule, provide their own tools to perform the work, and are free to simultaneously provide services to other vendors and employers to the extent permitted by those vendors and employers. 

Responsibilities:

Contributors will:

• Write production-quality KQL queries and prompts to detect suspicious behavior (e.g., impossible travel, mailbox rule abuse, MFA fatigue).
• Review and score AI-generated detections for accuracy, reasoning quality, ATT&CK coverage, and appropriate tool use.
• Rank high-risk entities and building visualizations (e.g., Sentinel Workbooks, Azure Monitor charts).
• Map detections to MITRE ATT&CK tactics and techniques.
• Document findings, assumptions, and improvement recommendations.

Expected Outcomes:

• This is not a live SOC or alert-handling — it’s focused on evaluation, validation, and research-grade feedback on detection logic and data outputs.
• You’ll work within defined task sets, each involving writing or evaluating a detection and submitting structured feedback through project tools.
• Contribute to applied AI research in cybersecurity.
• Influence the accuracy and reliability of AI-driven detections used by enterprises worldwide.

Qualifications:

• 5+ years in detection engineering, threat hunting, or SOC analysis
• Experience with security tools such as SIEM, IDS/IPS, or endpoint detection and response (EDR) solutions
• Familiarity with scripting languages such as Python, PowerShell, or Bash
• Fluent in KQL and experienced in correlation across multiple log sources
• Working knowledge of MITRE ATT&CK mapping and analytic validation
• Clear, concise technical writing for reporting and documentation
• SC-200, SC-300, AZ-500, or equivalent certifications
• Experience with Azure Data Explorer, MSTICPy, Jupyter, or AI-driven detections