Information Security Architect I

We are seeking a highly experienced SOC Architect, Lead Analyst, to join our global Cyber Operations team. This role involves leading and enhancing our security operations capabilities across various environments, including cloud and on-premises systems. The ideal candidate will have a deep background in SOC operations, incident response, and advanced threat management, with a focus on automation and integration of cutting-edge security technologies.

What you will be doing:

Leading SOC Operations:

• Implement, and optimize SOC architectures and processes to effectively detect and respond to cyber threats.
• Develop and manage advanced security monitoring and SOC response frameworks, leveraging tools such as Microsoft Sentinel and other cloud-native SOC platforms.

Case Management and Response:

• Lead and manage critical security events, including complex investigations and forensic analysis.
• Develop and refine SOC playbooks and procedures to ensure efficient and effective resolution or escalation of security events.

Automation and Integration:

• Implement and manage Security Orchestration, Automation, and Response (SOAR) solutions to streamline SOC operations.
• Create and optimize automation rules and workflows to enhance incident detection and response capabilities.
• Integrate SOC tools and platforms to ensure seamless data flow and operational efficiency.

Threat Intelligence and Hunting:

• Analyze threat intelligence data to identify emerging threats and vulnerabilities and integrate this intelligence into SOC operations.
• Conduct advanced threat hunting activities and develop strategies to proactively identify and mitigate potential threats.

Team Leadership and Development:

• Mentor and guide SOC team members, including SOC Level 1 Analysts, providing leadership on complex incidents and security challenges.
• Collaborate with other teams and departments to ensure cohesive and coordinated security efforts across the organization.

Continuous Improvement:

• Stay current with the latest cybersecurity trends, threats, and technologies to continuously enhance SOC operations.
• Contribute to the development of new use cases, dashboards, and reporting templates to improve SOC performance and visibility.

Key Accountabilities:

• Shift Lead for SOC in maintaining security operations across private, hybrid, and public cloud environments.
• Ensure timely and effective resolution of security events and escalate complex issues as necessary.
• Ensure SOC capabilities with training and skill development that aligns with continuous improvement to handle complex and evolving cyber threats.
• Develop custom parsers and enrichments for improved alert handling.
• Collaborate with vendors and internal teams to resolve security issues and enhance SOC capabilities.
• Maintain compliance with legal, regulatory, and industry standards.

What we are looking for :

Experience:

• 7-15 years of experience in SOC roles, with a strong focus on SOC event management, threat management, and SOC architecture.
• Proven track record of managing large-scale SOC operations in global environments. Must be a self-starter and motivated to bring more to this role and team than what is directed.

Technical Skills:

• In depth experience with cloud-native security tools, including Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Defender for Cloud.
• In depth experience with endpoint detection and response (EDR) including Microsoft Defender for Endpoint.
• In depth experience with identity concepts, including multifactor authentication, authentication protocols, user behaviors.
• In-depth understanding of cloud and endpoint, including malware forensics, browser forensics, cloud forensics, mobile device forensics.
• Experience with network security tools, including Palo Alto and web application firewalls (WAFs) like Akamai, Cloudflare and Azure WAF.
• Advanced knowledge of scripting and automation using languages.
• Experience with SOAR platforms and security automation.

Certifications:

• Relevant certifications such as CISSP, CISM, CCSP, GCIH, or GIAC Security Operations Certified (GSOC) are highly desirable.
• Additional certifications in cloud security or incident response are a plus.

Soft Skills:

• Strong analytical and problem-solving skills with the ability to handle complex security events.
• Excellent communication skills to articulate security concepts to both technical and non-technical stakeholders.
• Highly organized, detail-oriented, and capable of working under pressure in a dynamic environment.
• 
  

Arrow Electronics, Inc. (NYSE: ARW),an award-winning Fortune 133 and one of Fortune Magazine s Most Admired Companies. Arrow guides innovation forward for over 220,000 leading technology manufacturers and service providers. With 2024 sales of USD $27.9 billion, Arrow develops technology solutions that improve business and daily life. Our broad portfolio that spans the entire technology landscape helps customers create, make and manage forward-thinking products that make the benefits of technology accessible to as many people as possible. Learn more at www.arrow.com .

Our strategic direction of guiding innovation forward is expressed as Five Years Out, a way of thinking about the tangible future to bridge the gap between whats possible and the practical technologies to make it happen. Learn more athttps://www.fiveyearsout.com/.

Location:IN-KA-Bangalore, India (SKAV Seethalakshmi) GESC