Informaticaposted 4 months ago
Full-time • Senior
Redwood City, CA
Publishing Industries
About the position
The Cloud Security Architect will be responsible for designing and architecting the Security Operations Center (SOC) infrastructure, focusing on security monitoring, incident response, and threat detection. This role involves developing security strategies, mentoring SOC analysts, and collaborating with various security teams to enhance the organization's security posture.
Responsibilities
- Design and architect the SOC infrastructure, including SIEM platforms, EDR/XDR solutions, and security automation frameworks.
- Develop and maintain the security monitoring architecture, including log collection, correlation rules, and alert pipelines.
- Create and optimize detection strategies based on threat intelligence and adversary tactics, techniques, and procedures (TTPs).
- Lead incident response planning and playbook development for various threat scenarios.
- Establish metrics and KPIs to measure SOC effectiveness and drive continuous improvement.
- Mentor and provide technical guidance to SOC analysts and incident responders.
- Collaborate with other security teams to ensure comprehensive coverage of security controls.
- Evaluate and recommend new security tools and technologies to enhance detection and response capabilities.
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, or related field.
- 8+ years of experience in cybersecurity with at least 5 years focused on SOC operations and architecture.
- Deep expertise in SIEM platforms (Splunk, ELK, or similar) and EDR/XDR solutions.
- Strong understanding of threat detection methodologies and incident response frameworks.
- Experience with security orchestration and automation (SOAR) platforms.
- Proven track record of building and optimizing SOC operations.
- Knowledge of common attack frameworks (MITRE ATT&CK) and threat intelligence platforms.
- Experience with cloud security monitoring (AWS, Azure, GCP).
