Security Operations Centre (SOC) Security Architect
The eir evo Security Team protects and monitors clients' organisations 24/7.
This is a significant, established team supporting enterprise client organisations.
The SOC Architect will design and implement technologies for security threat monitoring, detection, event analysis, and incident reporting.
They will lead the technical engineering team within the Security Operations Centre.
Responsibilities:
* Collaborate with cross-functional teams to ensure security and operational requirements are met.
* Supervise the design and technical development of the SOC projects.
* Manage team resources to quality, schedule, and budget requirements.
* Coordinate with Head of SOC and SOC manager on development and delivery of Security Solution Bundles.
* Engage proactively with customers to understand business needs and develop solutions and services to improve their security posture.
* Develop processes and support the SOC as an advanced escalation point for Level II and Level III analysts and engineers.
* Support the day-to-day operation of a highly available, distributed, multi-tenant SIEM, SOAR, EDR deployment.
* Responds to, and investigates, security incidents and provides thorough post-event analyses.
* Develops project processes, timelines, and checklists for ongoing system upgrades.
* Develops use cases, queries, dashboards, and visualizations to support customer requirements.
* Creates custom scripts and parsing to onboard data sources not natively supported by SIEM.
* Responsible for complete life-cycle management with event source system administrator/owners.
* Includes coordination and planning for system upgrades, new systems, as well as maintaining current operational event flows.
* Responsible for configuration of enterprise security log sources into the SIEM, EDR, SOAR, and VA solutions.
* Continuously assesses current state of security monitoring and response solutions and recommends improvements.
* Conducts research on the latest threats and technological advancements.
* Performs quarterly audits on SIEM, SOAR, EDR, VA technology.
* Works with the automation team to develop scripts and improve overall operational efficiencies.
* Supports architecture changes required to support evolving business needs and threat profile.
* Delivers architectural initiatives that drive and improve efficiency in line with business strategy.
Requirements:
* 8+ years of experience in the information security field.
* 5+ years of experience in SIEM deployment and architecture.
* Experience in a technical customer service/technical support environment that adheres to service level agreements (SLAs).
* Strong understanding of SIEM and UEBA.
* Good understanding of MITRE ATT&CK matrices, kill chains, and other attack models.
* Strong knowledge of scripting languages such as Python, PowerShell.
* Working knowledge of cloud technologies, Windows infrastructure & networking.
* Experience integrating endpoint security and host-based intrusion detection solutions.
* Strong knowledge of Cloud SIEM solutions and SOAR.
Education:
* Bachelor's Degree or equivalent.
* Fluent English.
Candidates must be eligible to work in Ireland or currently hold a Stamp 4/1 G Visa to apply.
eir evo/eir evo talent is an equal opportunity employer who seeks to recruit and appoint the best available person for a job regardless of marital/civil partnership status, sex (including pregnancy), age, religion, belief, race, nationality, and ethnic or national origin, colour, sexual orientation, or disability.
eir evo/eir evo talent applies all relevant Data Protection laws when processing your Personal Data.
If you choose to apply to this opportunity and share your CV or other personal information with eir evo/eir evo talent, these details will be held by us in accordance with our privacy policy and used by our recruitment team to contact you regarding this or other relevant opportunities at eir evo/eir evo talent.
We are committed to creating an inclusive and supportive work environment.
If you require any reasonable adjustments during the application or interview process, please let us know, and we will work with you to meet your needs. #eirforall
EVO6213