St. Fox Consultancy is seeking a highly experienced and strategic SOC Head Architect to lead the design, evolution, and governance of enterprise-grade Security Operations Center (SOC) architectures. This role requires deep expertise in SOC strategy, detection engineering, incident response, and integration of SIEM, SOAR, EDR/XDR, NDR, and threat intelligence platforms.
Key Responsibilities:
SOC Architecture & Strategy
- Define and own end-to-end SOC architecture (People, Process, Technology).
- Design scalable SOC models: MSSP, hybrid, cloud, and in-house SOCs.
- Establish SOC maturity models aligned with frameworks such as NIST CSF, NIST 800-61, ISO 27001, and MITRE ATT&CK.
- Drive roadmap planning for SOC modernization, automation, and AI-led detection.
Pre-Sales & Customer Advisory
- Engage with CISOs, CXOs, and security leadership to understand business risks and SOC requirements.
- Lead technical discovery, architecture workshops, and solution design discussions.
- Own SOC-related RFP/RFI responses, solution blueprints, and pricing inputs.
- Present SOC architecture, use cases, and value propositions to enterprise customers.
- Support PoCs for SIEM, SOAR, EDR/XDR, UEBA, and Threat Intelligence platforms.
SOC Engineering & Operations Enablement
- Design detection strategies, correlation rules, and use-case frameworks.
- Define SOC workflows for alert triage, incident response, threat hunting, and escalation.
- Architect SOAR playbooks for automated response and enrichment.
- Guide log source onboarding, data normalization, and retention strategies.
- Define and track SOC performance metrics (MTTD, MTTR, false-positive rate, detection coverage).
Post-Sales & Delivery Governance
- Provide architectural oversight during SOC deployments and transitions.
- Review and validate configurations, dashboards, and reporting frameworks.
- Mentor SOC managers, architects, and L2/L3 analysts.
- Act as escalation point for complex incidents and architectural challenges.
- Collaborate with OEMs for advanced troubleshooting and roadmap alignment.
Required Skills & Qualifications:
- 8+ years in SOC architecture or leadership roles.
- Proven experience designing and managing enterprise or MSSP SOCs.
Technical Expertise:
- SIEM: Splunk, IBM QRadar, LogRhythm, ArcSight, Sentinel, etc.
- SOAR: Palo Alto Cortex XSOAR, Splunk Phantom, Swimlane, etc.
- EDR/XDR: CrowdStrike, SentinelOne, Microsoft Defender, Trellix.
- NDR: Darktrace, Vectra, ExtraHop (or equivalent).
- Threat Intelligence: Anomali, MISP, Recorded Future, etc.
- Cloud Security: AWS/Azure/GCP logging, CSPM, CNAPP integration.
- Strong understanding of detection engineering, threat hunting, and IR playbooks.
Frameworks & Standards:
- MITRE ATT&CK, Cyber Kill Chain
- NIST CSF, NIST 800-61, ISO 27001
- Zero Trust Architecture, SOC maturity models
What We Offer:
- Competitive salary and benefits package.
- Opportunities for professional growth and advancement.
- Exposure to cutting-edge technologies and projects.
- A collaborative and supportive work environment.
How to Apply: Interested candidates should submit a detailed resume and a cover letter outlining their qualifications and experience relevant to the role applied for. Applications should be sent via our careers portal or to [Confidential Information]
St. Fox is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.