About the role

Cyber Security Engineer developing and maintaining the Premonition platform for global cybersecurity operations at Comcast. Implementing AI and data engineering solutions for enhanced security workflows.

Responsibilities

Design, build, and maintain the Premonition platform for managing, deploying, and monitoring agentic pipelines.
Develop composable building blocks—agents, tools, pipelines, evaluators, and configuration—to enable rapid workflow assembly and iteration.
Implement robust APIs, orchestration, and infrastructure integrations on AWS and EKS for reliable LLM and agent driven workloads.
Engineer and optimize the high performance data layer, including Iceberg/Delta/Hudi, compression, indexing, latency, and largescale query performance.
Work with embedded engines such as DuckDB and LanceDB to enable interactive, low latency analytics.
Collaborate with cybersecurity stakeholders (SOC, IR, threat hunters, engineers) to translate workflows into secure, automated, observable pipelines.
Experiment with and productionize LLM and agent patterns (RAG, tool use, multistep agentic workflows), including evaluation, safety, and guardrails.
Own the full lifecycle of Premonition services: design, implementation, testing, deployment, observability, performance tuning, and continuous improvement.
Contribute to and enforce standards and best practices for LLM/agent usage, data management, security, and governance.
Participate in design/code reviews and foster a supportive, caring, competitive, high ownership, deeply technical culture.

Strong production experience with Python.
Solid SQL skills and experience working with large datasets.
Experience designing, building, and operating production APIs or microservices, including testing, observability, CI/CD.
Experience running workloads on AWS and Kubernetes/EKS.
Experience with high performance data engineering, including: Iceberg, Delta, or Hudi; or optimizing storage, compression, latency, and analytical query performance.
Ability to work in a deeply technical, high ownership environment and collaborate effectively across functions.
Strong communication skills with the ability to work closely with security stakeholders and translate workflows into technical designs.
Demonstrated experience building LLM based applications or agentic workflows (not just prompt tinkering).
Hands on experience with agentic workflows: agents, tools, orchestration, multistep pipelines.
Experience with LLM platforms: Ollama, Amazon Bedrock, SageMaker.
Familiarity with orchestration frameworks: LangChain, LlamaIndex, or equivalent internal tooling.
Production experience with Iceberg, Delta Lake, or Hudi.
Experience with DuckDB or LanceDB.
Experience with Rust and/or JavaScript/TypeScript.
Experience with workflow/orchestration tools: Airflow, Temporal, Argo.
Prior exposure to cybersecurity domains (SOC, IR, threat hunting, security engineering).