Role Overview:
The DevSecOps & Cloud Security Architect is responsible for designing, implementing, and managing secure, automated, and compliant multi-cloud architectures supporting the organization's Managed Detection & Response (MDR) ecosystem.
This role bridges cloud engineering, DevSecOps automation, and security operations, ensuring end-to-end protection, compliance, and resilience across hybrid workloads.
The architect will integrate tools such as SentinelOne Complete EDR, FortiSIEM, FortiSOAR, UEBA, KnowBe4, and Vicarius, embedding them within CI/CD pipelines, Zero Trust frameworks, and cloud governance policies to achieve a unified security posture.
Key Responsibilities:
Cloud & Security Architecture
- Design and implement secure, scalable, and compliant multi-cloud (Azure/AWS) architectures aligned to HIPAA, HITRUST, and NIST 800-53 frameworks.
- Integrate MDR solutions (SentinelOne, FortiSIEM, FortiSOAR, UEBA) into the broader cloud and DevSecOps ecosystem.
- Architect and maintain Zero Trust Network Access (ZTNA) models leveraging Azure Entra ID, Conditional Access, and micro-segmentation.
- Oversee deployment of SentinelOne agents and FortiSIEM collectors across user endpoints, servers, and cloud workloads.
DevSecOps Automation:
- Embed security gates within CI/CD pipelines (Azure DevOps, GitHub Actions, Jenkins) for code scanning, policy enforcement, and compliance validation.
- Automate provisioning and configuration using Terraform, Ansible, and Bicep, with Policy-as-Code for audit traceability.
- Integrate SOAR workflows to trigger automated remediation within build and deployment pipelines.
- Develop scripts and APIs for orchestration between SentinelOne, FortiSOAR, and UEBA for real-time threat containment.
Governance, Risk & Compliance:
- Implement and maintain continuous compliance monitoring dashboards for HIPAA/HITRUST readiness.
- Drive security governance reporting, aligning incident data with regulatory frameworks and internal audit cycles.
- Ensure proper data encryption, key management, and least-privilege access policies across cloud resources.
- Partner with compliance and privacy teams to support risk assessments, evidence gathering, and audits.
Threat & Vulnerability Management:
- Lead integration of Vicarius vulnerability prioritization and patch orchestration workflows.
- Manage threat intelligence ingestion and correlation within FortiSIEM and UEBA for advanced detection.
- Drive proactive threat hunting and continuous improvement through detection rule tuning and playbook enhancements.
Collaboration & Leadership:
- Serve as the technical escalation point for MDR and Cloud Security incidents.
- Mentor DevSecOps engineers and MDR analysts (L1 to L3) in automation, response, and cloud security best practices.
- Collaborate with infrastructure, application, and compliance teams to drive a unified security vision.
- Present executive dashboards, RCA summaries, and architecture updates during governance and QBR sessions.
Qualifications & Experience:
- Bachelor's or Master's degree in Computer Science, Cybersecurity, or related discipline.
- 8-12 years of experience in cloud architecture, cybersecurity, and automation.
- Proven experience implementing DevSecOps pipelines with integrated security scanning and compliance enforcement.
- Expertise in SentinelOne, FortiSIEM, FortiSOAR, and UEBA administration, deployment, and integration.
- Strong understanding of Zero Trust, cloud identity and access management, and network segmentation.
- Demonstrated success in healthcare or regulated industry environments.
Technical Skills
| Category | Tools / Technologies |
| --- | --- |
| Cloud Platforms | Microsoft Azure, AWS, Azure GovCloud, Azure Sentinel |
| Automation & IaC | Terraform, Ansible, Bicep, ARM Templates |
| CI/CD Pipelines | Azure DevOps, GitHub Actions, Jenkins |
| Security Tools | SentinelOne, FortiSIEM, FortiSOAR, UEBA, Vicarius, KnowBe4 |
| Languages / APIs | Python, PowerShell, REST API, JSON, YAML |
| Frameworks | NIST 800-53/171, HITRUST CSF, CIS Benchmarks, ISO 27001 |
| Monitoring & Analytics | Power BI, Log Analytics, Grafana, Kibana |
Certifications (Preferred)
- Microsoft Certified: Azure Solutions Architect Expert / Security Engineer Associate
- AWS Certified: Security Specialty
- Fortinet NSE 6/7 (Security Operations / SOAR)
- SentinelOne Certified Administrator (S1CA)
- CISSP, CISM, or GIAC Cloud Security Automation (GCSA)
- Certified DevSecOps Professional (CDP)
Success Indicators
- MDR tool uptime and integration stability across endpoints.
- Reduction in manual remediation time through SOAR automation.
- Continuous compliance posture aligned with HIPAA/HITRUST.