Remote Cyber Security Experts - AI Trainer

Mercor is recruiting on behalf of a cutting‑edge AI research lab building advanced AI systems for cybersecurity applications. We are seeking senior cybersecurity professionals with deep hands‑on experience across both defensive (Blue Team) and offensive (Red Team) security disciplines. In this role, you will apply real‑world adversarial and defensive expertise to evaluate, stress‑test, and improve AI models designed to assist with threat detection, incident response, and attack simulation.

Your insights will directly inform how AI systems reason about attacks, evasions, detection logic, and response workflows. This is a flexible, remote engagement ideal for experienced practitioners who have operated in enterprise, consulting, or high‑security environments.

• Investigate and analyse real or simulated security incidents (e.g., phishing, lateral movement, ransomware, privilege escalation).
• Review logs and telemetry from SIEM, EDR / XDR, firewall, cloud, and identity systems.
• Apply frameworks such as MITRE ATT&CK to classify adversary behavior.
• Evaluate alert quality, detection rules, triage decisions, and response workflows.
• Assess AI‑generated investigations for technical correctness and operational realism.

• Analyse attack chains including initial access, persistence, privilege escalation, lateral movement, and data exfiltration.
• Simulate adversarial thinking to evaluate detection gaps and bypass techniques.
• Review exploit techniques, payload behaviors, and evasion strategies.
• Provide insights into attack surface analysis and real‑world adversary tactics.
• Stress‑test AI systems against realistic red‑team scenarios.

• Provide structured reasoning explaining investigative and adversarial decisions.
• Identify weaknesses in AI threat analysis and suggest improvements.
• Help refine benchmarks for detection, triage, and attack simulation accuracy.

• 5+ years in cybersecurity with experience in one or more of: SOC Analyst (Level II / III), Incident Responder, Detection Engineer, Threat Hunter, Red Team Operator / Penetration Tester, Security Consultant (Offensive Security).
• Hands‑on experience conducting or responding to real‑world security incidents.

• Strong experience with SIEM platforms (Splunk, Sentinel, QRadar, Elastic).
• Experience with EDR / XDR tools (Crowd Strike, Defender, Carbon Black).
• Log analysis and event correlation.
• Network traffic analysis (Wireshark, Zeek, tcpdump).
• Cloud security and IAM investigation experience preferred.
• Familiarity with MITRE ATT&CK mapping and detection engineering.

• Experience with penetration testing methodologies.
• Adversary emulation and attack simulation.
• Exploitation frameworks (e.g., Metasploit, Cobalt Strike or equivalents).
• Privilege escalation techniques.
• Lateral movement techniques.
• Evasion and obfuscation methods.
• Understanding of Active Directory attacks, phishing frameworks, and payload development is a plus.

• Strong written documentation skills explaining technical reasoning.
• Ability to think from both attacker and defender perspectives.
• Structured, logical analysis of complex security scenarios.

• Certifications such as OSCP, OSEP, CRTO (Red Team). GCIA, GCFA, GCIH (Blue Team), CISSP.
• Experience mentoring junior analysts or red team members.
• Scripting proficiency (Python, Power Shell, Bash).

• Contribute to next‑generation AI systems for cybersecurity.
• Work at the intersection of offensive and defensive security research.
• High‑impact role shaping AI reasoning about real‑world cyber threats.
• Flexible engagement suited for senior practitioners.
• Collaborate with leading AI researchers and security experts.