Understanding of AI agent architecture, orchestration frameworks, retrieval-augmented generation (RAG), vector databases, or autonomous workflow concepts. * Experience integrating APIs, automation ...
AI/ML Engineer - Computer Vision with Security Clearance
Goodyear, AZ · On-site
$111K - $133K/yr
... Retrieval-Augmented Generation (RAG). • Experience with object tracking, multi-object tracking, or video analytics. • Experience applying computer vision techniques to imagery, remote sensing, or ...
Principal Information Security Risk Management - AI
Scottsdale, AZ · On-site
$221K - $276K/yr
Data access, grounding, and retrieval-augmented generation (RAG) pipelines * Assess and challenge risks related to: * Prompt injection and jailbreak attacks * Data leakage through prompts, outputs ...
Principal Information Security Risk Management - AI
Scottsdale, AZ · Hybrid
$221K - $276K/yr
Data access, grounding, and retrieval-augmented generation (RAG) pipelines * Assess and challenge risks related to: * Prompt injection and jailbreak attacks * Data leakage through prompts, outputs ...
AI Engineer III
$57 - $76.75/hr
Help implement and maintain retrieval-augmented generation (RAG) pipelines over financial data, with an emphasis on correctness and safety. * Contribute to shared AI infrastructure such as LLM ...
... and retrieval-augmented generation. * Engineering integrations between data platforms, governance, risk, and compliance workflows, and enterprise systems using application programming interfaces ...
Collaborate with AI/ML and data science teams to define scalable patterns for model integration, retrieval augmented generation (RAG), decision logic, and safety filters * Champion "AI first" design ...
full-stack engineer
Phoenix, AZ · On-site
RAG (retrieval-augmented generation), tool invocation, structured outputs (JSON), and safe fallbacks for critical paths. - Implement model orchestration and model ops practices: prompt/version ...
Software Engineer
Phoenix, AZ · Remote
Experience with MCP servers, agentic frameworks, and Retrieval-Augmented Generation (RAG). * Strong programming skills in Python, C# (.NET/ASP.NET), Java, or similar languages. * Familiarity with ...
Your expertise in transformer-based models, retrieval-augmented generation (RAG), and vector databases will be instrumental in driving innovation. But your true impact will come from leadership. You ...
Generative AI Developer
Phoenix, AZ · On-site
$104K - $152K/yr
... retrieval-augmented generation (RAG), and intelligent automation platforms. You will work closely with data scientists, engineers, enterprise architects, and business stakeholders to define ...
Familiar with RAG (Retrieval-Augmented Generation) pipelines, vector databases, or orchestration frameworks. * Capable of working with GraphQL, microservices, or event-driven systems in fast-paced ...
Architect and deliver integrated AI solutions, including agentic workflows, retrieval-augmented generation pipelines, and enterprise platform integrations * Define and enforce governance, security ...
AI Engineer/ML Engineer - Senior Developers - AI Training - Mesa, US
Mesa, AZ · On-site +1
$80/hr
LLM Specialization: hands-on experience with Prompt Engineering, RLHF (Reinforcement Learning from Human Feedback), or RAG (Retrieval-Augmented Generation) workflows. * Technical Rigor: the ability ...
AI Engineer/ML Engineer - Senior Developers - AI Training - USA
Phoenix, AZ · On-site +1
$80/hr
LLM Specialization: hands-on experience with Prompt Engineering, RLHF (Reinforcement Learning from Human Feedback), or RAG (Retrieval-Augmented Generation) workflows. * Technical Rigor: the ability ...
... or retrieval-augmented generation implementations • Experience serving government or public sector clients Company : Deloitte is a business consulting company that offers audit, consulting ...
Implementing RAG (Retrieval-Augmented Generation) architectures and connecting LLMs to real-time data sources. * API Design: Creating the bridges (REST/GraphQL) that allow front-end components to ...
Retrieval Augmented Generation (RAG) information
Full-time
Posted 9 days ago
American Express rating
8.5
Based on 35 frontline employees who took The Breakroom Quiz
25th of 146 rated financial services
Job description
At American Express, our mission is to deliver the world's best customer experience every day. At the heart of this mission is our Information Security organization, enabling exceptional experiences built on a foundation of trust, service, and security. We leverage advanced technologies and data-driven insights to stay ahead of an evolving threat landscape. We foster a culture of passion, curiosity, and courage, empowering you to innovate, grow, and help shape the future of a Fortune 100 company.
Trust. Service. Security.
American Express seeks to recruit a passionate and experienced Leader for its Incident Response team. This is a senior-level, hands-on, highly technical role performing incident response activities ranging from pre-incident preparation and active incident response to post-incident analysis and recovery. You will be a key technical resource conducting investigations, performing advanced analysis, identifying attacker TTPs, building attack narratives, and executing response actions.
As part of our evolution toward a Next Generation Agentic SOC, this role will also help drive the adoption of AI-enabled security operations, intelligent automation, and autonomous analyst workflows. The ideal candidate combines deep incident response expertise with curiosity and practical experience in AI-assisted detection, security automation, and modern SOC engineering practices.
You are a motivated leader who will directly manage, mentor, and develop a team of SOC analysts while driving the people, processes, and technology that empower the team to investigate sophisticated threats at scale. This role requires critical thinking, innovative problem solving, technical leadership, people leadership, and effective communication across both technical and executive audiences.
- 3+ years of experience in information security, security operations, incident response, threat hunting, or cyber defense.
- Experience with host, network, and/or memory forensics.
- Experience with various network and/or host-based security tools used to detect and respond to security events (e.g., SIEM, EDR, NDR, SOAR, web proxy, IDS/IPS, cloud-native security platforms, etc.).
- Theoretical and practical security knowledge and investigation experience with Mac, Linux, Windows, and cloud environments.
- Strong understanding of incident response lifecycles, attacker methodologies, and cyber kill chain concepts.
- Experience performing analysis of complex security incidents in enterprise environments.
- Familiarity with scripting or programming languages such as Python, PowerShell, Go, or similar.
- Ability to convey complex technical concepts to audiences with varying levels of technical expertise.
- Strong analytical, investigative, documentation, and communication skills.
- Demonstrated curiosity and adaptability toward emerging AI-enabled security technologies and workflows.
- Demonstrated ability to lead, motivate, and develop technical teams in high-tempo, operationally demanding environments.
- Strong interpersonal and conflict-resolution skills, with the ability to foster a collaborative, inclusive, and psychologically safe team environment.
Preferred:
- 1+ years of experience in a people leadership, team lead, or supervisory role, including direct responsibility for coaching, mentoring, or managing technical staff.
- Experience working within a modern SOC leveraging AI-assisted analysis, security automation, and/or SOAR technologies.
- Familiarity with AI/ML concepts and practical applications within cybersecurity operations.
- Experience with prompt engineering, LLM-assisted workflows, or AI copilots for security investigations and operational efficiency.
- Understanding of AI agent architecture, orchestration frameworks, retrieval-augmented generation (RAG), vector databases, or autonomous workflow concepts.
- Experience integrating APIs, automation pipelines, or AI-enabled tooling into SOC workflows.
- Knowledge of adversarial AI threats, prompt injection risks, model misuse, or AI security governance principles.
- Experience building or operationalizing automated detection, enrichment, triage, or response capabilities.
- Knowledge and investigation experience in a global, multi-cloud environment.
- Experience with detection engineering, threat hunting, or behavioral analytics.
- Familiarity with cloud-native security technologies and telemetry sources.
- Multiple applicable certifications (GSE, GDAT, GCIA, GCIH, GCFA, GNFA, GCFE, GREM, CCSP, CISSP, CEH, etc.).
- AI-related certifications or hands-on experience with enterprise AI platforms, orchestration frameworks, or automation tooling.
- Experience managing performance cycles, conducting calibrations, and building talent development plans within a security operations or SOC environment.
- Experience managing geographically distributed or shift-based teams supporting 24/7 operations.
Employment eligibility to work with American Express in the United States is required as the company will not pursue visa sponsorship for these positions.
People Leadership & Team Development
- Directly lead and manage a team of SOC analysts, including hiring, onboarding, day-to-day supervision, performance management, and career development, fostering a high-performing and engaged team culture.
- Conduct regular 1:1s, performance reviews, and goal-setting with direct reports; provide timely, constructive feedback and coaching to accelerate individual and team growth.
- Mentor and develop junior and mid-level analysts, building technical skills, investigative rigor, and professional capabilities across the team; create clear career progression pathways from Tier 1 through senior roles.
- Manage shift schedules, on-call rotations, and workload distribution to ensure 24/7 operational coverage while proactively mitigating analyst burnout and maintaining team morale.
- Drive a culture of continuous learning by identifying training opportunities, encouraging pursuit of industry certifications (e.g., GCIH, GCFA, GCIA), facilitating hands-on exercises (e.g., Immersive Labs, tabletop exercises), and championing knowledge-sharing across the team.
- Recruit and retain top talent by partnering with HR and hiring managers to define role requirements, conduct interviews, and build a diverse and skilled analyst pipeline.
Incident Response & Technical Operations
- Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations and escalations from junior analysts across Windows, Mac, Linux, Cloud, SaaS, and hybrid environments.
- Participate in incident response, cyber crisis management, and enterprise-wide security events.
- Advise leadership on containment, eradication, and recovery strategies during incident response.
- Fully scope incidents through proper identification of all affected systems, identities, applications, and/or accounts.
- Recognize attacker tactics, techniques, and procedures (TTPs) as well as Indicators of Compromise (IOCs) and Indicators of Attack (IOAs) applicable to current and future investigations.
- Serve as a technical escalation point for the analyst team, providing real-time guidance on complex or high-severity investigations and ensuring quality and consistency of investigative outputs.
- Contribute to team projects, process improvement, and development of new security operations capabilities.
- Help curate a world-class security operations and incident response program with a relentless focus on innovation, intelligent automation, and continuous improvement.
- Assess and develop incident response best practices to help mature the overall security operations and AI-assisted defense capabilities of the organization.
- Produce high-quality written and verbal reports, recommendations, executive briefings, and technical findings.
- Participate in on-call rotation and provide after-hours support on an as-needed basis.
AI-Enabled Security Operations & Automation
- Partner with detection engineering, threat intelligence, data science, and security engineering teams to operationalize AI-driven detection and response capabilities.
- Assist in the design, tuning, and oversight of AI-enabled SOC workflows, analyst copilots, and autonomous or semi-autonomous response agents.
- Develop and optimize prompts, workflows, and guardrails for large language model (LLM) and AI-agent-assisted investigations and triage processes.
- Evaluate and validate AI-generated investigative outputs to ensure operational accuracy, reliability, explainability, and security.
- Help identify opportunities to leverage AI/ML, orchestration, and automation technologies to reduce analyst toil and accelerate response times.
- Participate in development and integration of SOAR playbooks, AI-assisted enrichment pipelines, and security automation frameworks.
- Contribute to AI governance and operational risk management efforts related to AI-enabled security tooling and workflows.
- Champion AI adoption within the team by training analysts on AI-assisted tools and workflows, gathering analyst feedback to drive iterative improvements, and ensuring responsible use aligned with organizational governance.
- Stay current on industry trends, attack techniques, AI-enabled threats, adversarial AI risks, mitigation techniques, and emerging security technologies.