Architect, Security - R01565241

Key Responsibilities

• Lead and manage 24x7 SOC operations including monitoring, detection, triage, investigation, containment, and incident response activities
• Develop, maintain, and continuously improve SOC operational frameworks including playbooks, runbooks, workbooks, escalation matrices, and incident response procedures
• Ensure continuous monitoring of security events across enterprise infrastructure, endpoints, applications, and cloud environments
• Define, track, and optimize SOC KPIs such as MTTR, MTTD, SLA adherence, and operational effectiveness metrics
• Conduct SOC maturity assessments and drive continuous improvement through use-case tuning, alert correlation, and threat hunting initiatives
• Manage SOC team operations including staffing, shift planning, workload distribution, and analyst development
• Lead incident response efforts during cybersecurity incidents such as malware attacks, ransomware, phishing, insider threats, and cloud security breaches
• Oversee security event analysis, detection engineering, and threat intelligence integration
• Collaborate with cross-functional teams during security incidents and ensure effective communication with stakeholders and leadership
• Drive improvements in security monitoring, detection capabilities, and automation using SIEM and SOAR platforms
• Ensure adherence to cybersecurity policies, compliance standards, and best practices