Network Security Data Scientist

Summary

Join Corelight and help make the world safer from cyberattacks. As a Network Security Data Scientist, you will contribute to the full range of AI/ML projects, from exploration to productization, leveraging network traffic logs to create behavioral detection models. You will work closely with network security experts and machine learning engineers, implementing scalable AI/ML pipelines and participating in technical discussions. You will also author key materials to share insights with the community and guide analysts. Corelight offers a collaborative and growth-oriented culture with a geographically distributed employee base. The ideal candidate will have a degree in Computer Science or a related field, 3+ years of experience in data science or LLM applications focused on cybersecurity, and strong data science skills. The compensation range is $153,000-$188,000 USD, with additional benefits and equity.

Requirements

• Degree in Computer Science or related fields, or equivalent experience
• 3+ years of experience in data science or LLM applications with a focus on cybersecurity
• Strong data science skills, including a proven track record applying the techniques to real-world problems
• Understanding of practical networking, security, and their intersection along with an enthusiasm to keep learning about these domains from highly experienced experts
• Experience in Python and data science libraries and tools (Scikit-Learn, Keras, PyTorch, Tensorflow, Pandas, Polars, Spark, DuckDB)
• Experience in LLM frameworks such as langchain, langgraph, llamaindex, chroma or similar
• Experience using LLMs to tackle cybersecurity use cases
• Excellent communication skills to work effectively in a team
• Strong appreciation for our core values: low ego results, tireless service, and applied curiosity

Responsibilities

• Contribute to the full range of stages of AI/ML projects, from explorations to productization
• Identify apt opportunities to apply supervised and unsupervised techniques to robustly detect a wealth of behaviors, in the face of a range of real-world constraints
• Build agentic applications and customize LLMs with RAG or fine-tuning and to tackle advanced network security use cases
• Leverage network traffic logs to create models for behavioral detection of TTPs with low FP rates
• Evaluate and refine algorithms against data-at-scale gathered from operational environments
• Work with ML engineers and network security experts to implement scalable AI/ML pipelines
• Work in an Agile development team focused on exploring and delivering AI/ML use cases
• Participate in technical discussions within the Labs team and collaborate with other teams across the organization
• Author key materials to (a) share network security insights with the community, and (b) guide analysts in employing the models you develop and lead

Preferred Qualifications

• Knowledge of information security processes; especially threat detection and incident response, and of the cybersecurity product landscape
• Experience with local deployments and fine-tuning of Small Language Models (SLMs)
• Experience in designing and implementing data pipelines using DuckDB
• Experience with cloud computing, especially Databricks and AWS Services (EC2, S3, Cloudwatch)
• Experience using Docker and/or Kubernetes, and containerized applications
• Experience using feature stores and ML frameworks like Kubeflow, Cortex, Seldon, or BentoML
• Experience with experiment tracking and reproducibility tools
• Experience adopting an Agile development methodology and working in a distributed team

Benefits

Equity and additional benefits will also be awarded