Data Scientist / Software Engineer

Binary Defense is seeking a talented Data Scientist / Software Engineer to join our team in a dual-discipline role bridging applied data science and production software engineering.

This is not a research-only or notebook-only position - you will own the full lifecycle of data-driven capabilities, from hypothesis to deployed service running in our production environment supporting MDR operations and the NightBeacon product suite.

Responsibilities

• Design, build, and ship production-grade data and ML systems that operate against large-scale cybersecurity telemetry, including endpoint, network, identity, and cloud-derived signals.

• Apply analytical, statistical, and machine learning techniques to collect, analyze, and interpret large cybersecurity data sets, and translate findings into deployable software.

• Develop, test, and maintain backend services, APIs, and data pipelines that integrate ML models and analytics into Binary Defense products and SOC tooling.

• Collaborate closely with software engineering, product, detection engineering, and security engineering teams to embed algorithms and analytics directly into our platforms.

• Own code quality across the stack - write clean, well-tested, reviewed code; participate in design reviews; and contribute to architectural decisions affecting data and ML systems.

• Operationalize models with appropriate monitoring, versioning, retraining, and rollback strategies (MLOps).

• Contribute to product, services, and detection engineering roadmap by identifying where data science and engineering investment will measurably improve outcomes for analysts and clients.

• Develop data-driven solutions that ship - not prototypes that stall.

• Master's or PhD in Computer Science, Machine Learning, Data Science, Statistics, or equivalent experience.

• At least 3 years of experience as a data scientist, ML engineer, or applied research engineer, ideally supporting cybersecurity applications.

• Working knowledge of linear algebra, statistics, probability, and the mathematics underlying modern ML.

• Strong understanding of statistical modeling supervised and unsupervised learning, and the tradeoffs between classical ML and deep learning approaches.

• Hands-on experience with ML frameworks such as TensorFlow, PyTorch, or scikit-learn.

• Experience with big data technologies (Spark, Hadoop ecosystem, or modern equivalents) and NoSQL data stores.

• Experience with data visualization and analyst-facing tooling (Tableau, Power BI, D3.js, or similar).

Software Engineering

• At least 3 years of experience writing production software, with code shipped to real users in a team setting.

• Strong proficiency in Python, plus working competence in at least one additional production language (Go, Rust, C#/.NET, Java, or TypeScript).

• Solid foundations in software design: data structures, algorithms, OOP and functional patterns, API design, and system design for performance and scale.

• Experience designing and building REST or gRPC APIs and the services behind them.

• Strong with relational and NoSQL database design, query optimization, and schema evolution.

• Proficient with Git, modern code review workflows, and writing unit and integration tests.

• Comfortable with CI/CD pipelines and shipping behind feature flags or staged rollouts.

• Experience with containerization (Docker) and at least one orchestration or deployment platform (Kubernetes, ECS, or equivalent).

• Familiarity with cloud platforms - AWS, Azure, or GCP - including their managed data, compute, and ML services.

• Excellent written and verbal communication; able to defend technical decisions and write documentation that engineers and analysts will use.

Preferred

• Direct experience applying data science to security problems: detection engineering, threat intelligence enrichment, behavioral analytics, malware classification, alert triage, or adversary attribution.

• Experience with managed ML services such as Amazon SageMaker, Vertex AI, or Azure ML.

• Familiarity with LLM-based systems, including retrieval-augmented generation, agentic workflows, evaluation frameworks, and prompt and model lifecycle management.

• Experience operating in an Agile or continuous-delivery environment.

• Knowledge of data privacy and security regulations such as GDPR, CCPA, or HIPAA, and experience handling sensitive customer data accordingly.

• Familiarity with DevOps and SRE practices, including infrastructure-as-code (Terraform), observability (metrics, logs, traces), and incident response.

• Background or prior role in threat intelligence, security research, security engineering, or SOC analysis.

• Strong work ethic, intellectual honesty, and creative problem-solving - comfortable working through ambiguity and shipping under real deadlines.

Binary Defense is a leading Managed Detection and Response (MDR) provider, trusted by hundreds of organizations to protect what matters most. Our team of SOC analysts, threat hunters, detection engineers, and threat researchers work around the clock to deliver proactive, risk-focused security outcomes. We bring the attacker's mindset to defense, helping clients detect threats earlier, respond faster, and continuously improve their security posture.