Job Title: Security Operations Centre (SOC) Security Architect
About the Role:
We are seeking a highly skilled SOC Architect to lead our technical engineering team within the Security Operations Centre. The successful candidate will be responsible for designing and implementing technologies used for security threat monitoring, detection, event analysis, and incident reporting.
Key Responsibilities:
* Collaborate with cross-functional teams to ensure security and operational requirements are met throughout the project lifecycle.
* Supervise the design and technical development of SOC projects.
* Manage team resources to quality, schedule, and budget requirements.
* Coordinate with the Head of SOC and the SOC Manager on the development and delivery of Security Solution Bundles.
* Engage proactively with large customers to understand business needs and develop solutions and services to improve their security posture.
* Develop processes and support the SOC as an advanced escalation point for Level II and Level III analysts and engineers.
* Support the day-to-day operation of a highly available, distributed, multi-tenant SIEM, SOAR, and EDR deployment.
* Respond to and investigate security incidents and provide thorough post-event analyses.
* Develop project processes, timelines, and checklists for ongoing system upgrades.
* Develop use cases, queries, dashboards, and visualizations to support customer requirements.
* Create custom scripts and parsers to onboard data sources not natively supported by the SIEM.
* Take responsibility for complete life-cycle management of event sources, working with the event source system administrators/owners.
Requirements:
* 8+ years of experience in the information security field.
* 5+ years of experience in SIEM deployment and architecture.
* Experience in a technical customer service/technical support environment that adheres to service level agreements (SLAs).
* Strong understanding of SIEM and UEBA.
* Good understanding of MITRE ATT&CK matrices, kill chains, and other attack models.
* Strong knowledge of scripting languages such as Python, PowerShell.
* Working knowledge of cloud technologies, Windows infrastructure, and networking.
* Experience integrating endpoint security and host-based intrusion detection solutions.
* Strong knowledge of cloud SIEM solutions and SOAR.
Education: Bachelor's degree or equivalent preferred
Fluency: Fluent English
Eligibility: Candidates must be eligible to work in Ireland or currently hold a Stamp 4/1G visa to apply.