Threat Detection Specialist - Fully Remote

About the role

Mercor is seeking a Threat Detection Specialist to design and build benchmark tasks for blue‑team AI models. This fully remote contract role focuses on creating realistic SOC evaluation environments and measuring AI performance at scale.

Key responsibilities

• Design and build benchmark tasks grounded in real SOC and detection engineering work.
• Construct realistic evaluation environments, including multi‑host networks, Active Directory, and cloud control planes.
• Define “correct” outcomes for blue‑team AI reasoning and develop infrastructure to measure them reproducibly at scale.
• Translate blue‑team workflow experience into rigorous evaluation designs.
• Work independently and asynchronously to meet deadlines while improving AI model performance.

Required profile

• Hands‑on blue‑team experience in detection engineering, threat hunting, incident response, or malware analysis.
• Strong scripting abilities and experience with cloud or enterprise environments.

Required skills

• Detection engineering
• Threat hunting
• Incident response
• Malware analysis
• Scripting (e.g., Python, PowerShell, Bash)
• Cloud platforms (AWS, Azure, GCP)
• Active Directory

What we offer

• Contract rate of $85–$140 per hour.
• Fully remote work arrangement.
• Opportunity to influence cutting‑edge AI security research.