Sr Advanced Cyber Security Architect/Engineer

The Senior Cyber Security Engineer is a senior technical leader within the Security Operations function, responsible for advanced analytics, complex investigations, tool engineering, and driving SOC capability maturity. This role proactively identifies and responds to sophisticated threats, advances detection capabilities, and guides the SOC toward higher automation, intelligence‑driven operations, and continuous improvement aligned with industry best practices and Gartner L4 maturity.

• Continuously assess emerging threats and evaluate SOC tools, architectures, and workflows for improvement. 
• Recommend and implement standardized, scalable approaches for SOC technologies and processes. 
• Develop and enhance SLAs, KPIs, and operational reporting for security tooling and SOC effectiveness. 
• Maintain and enhance SOC policies, documentation, and procedures. 
• Lead identification, investigation, and remediation of advanced security events and incidents. 
• Ensure audit trails and evidence-handling standards support incident investigation and regulatory requirements. 
• Develop cybersecurity policies and DLP standards aligned with organizational risk posture. 
• Manage and investigate data‑loss events to ensure risks are mitigated. 
• Execute and enforce security policy, exception management, and risk controls. 
• Provide Tier 3 technical escalation support for SOC incidents and engineering issues. 
• Collaborate closely with architecture, network, data center, HR, Legal, and third parties during investigations. 
• Lead and contribute to complex cybersecurity and SOC modernization projects. 
• Mentor and develop SOC engineers and analysts to strengthen capabilities. 
• Provide leadership input into planning, deployment, and optimization of new and existing security initiatives. 
• Lead SIEM, SOAR, and XDR engineering, correlation rule development, and detection content optimization.
• Drive automation design and orchestration to increase SOC efficiency and reduce response times.
• Lead deep‑dive threat hunting, hypothesis‑driven investigations, and adversary simulation.
• Guide cloud‑native security monitoring and detection engineering.

• Minimum 8+ years of cybersecurity or SOC experience. 
• Excellent documentation and communication skills. 
• Certifications: GSEC, Security+, CISSP (preferred or in progress). 
• Deep understanding of network protocols, IDS/IPS, SIEM, firewalls, proxies, and DLP technologies. 
• Strong understanding of incident response frameworks and advanced threat actor behaviors. 
• Ability to prioritize in a dynamic, fast‑paced environment. 

• Experience with modern SOC engineering (SOAR automation, XDR implementation, cloud monitoring).
• Strong experience developing detection rules, tuning alerts, and engineering log ingestion pipelines.
• Proven ability to lead investigations involving advanced persistent threats (APTs).
• Additional certifications (GCIA, GCFE, GDAT, GCTI, etc.).

• Support global SOC operations.
• Opportunities for advanced training, conferences, and continuous professional development.
• Reports to: Cyber Security Director.
• Role Hybrid

#LI-JR2

#Hybrid