Security Architect

Role Overview

Security Architect (Orchestration & Automation) is responsible for integrating and connecting disparate security tools to improve the effectiveness and efficiency of the firm’s security operations. The architect will apply SOAR principles across existing systems and proactively identify opportunities to expand SOAR capabilities.

Key Responsibilities

• Design & Architecture: Critically analyze proposed and existing solutions for alignment with the firm’s design requirements, including ISMS Policy, client contract requirements, regulatory environment, and professional obligations.
• SOAR Implementation:
  • Architect, implement, and support event management and logging solutions.
  • Integrate systems to enable synergistic incident detection, reporting, and response.
  • Develop, maintain, and support SOAR infrastructure (toolsets, scripts, dashboards, metrics).
  • Work with SOC/IR to deliver SOAR capabilities consistent with design requirements.
• Security Operations & Tooling:
  • Use common security toolsets such as SIEM, IDS, and other event logging systems to identify issues and check compliance with policies/procedures.
  • Monitor internal control systems to ensure appropriate access levels and security clearances.
  • Stay current on the threat, capability, and technology landscape.
• Compliance & Reporting:
  • Provide business-level reporting to management.
  • Monitor and report compliance with information security policies and procedures.
  • Report compliance failures for immediate remediation.
  • Contribute to security-related information repositories (e.g., web, database, SharePoint) and keep documentation up to date.
• Resilience Planning:
  • Support the definition of IT disaster recovery and continuity plans for security event management systems.
• Consulting & Support:
  • Serve as an internal security consultant and mentor on security event logging.
  • Act as a 3rd-level support resource for ticket resolution and change management.
  • Analyze, recommend, and implement security controls as determined by management.
  • Support standard security applications, utilities, and processes.

Requirements

• Expert understanding of security concepts, technologies, controls, and best practices.
• Working knowledge of relevant security toolsets (e.g., SIEM/IDS and event logging systems).

Nice-to-Haves

• Experience applying SOAR principles to existing enterprise security environments.
• Ability to produce business-level reports for management and interface frequently with technical, legal, and business stakeholders.

Location / Work Mode

• Remote role, but candidate must live in one of the following states: Illinois, Texas, Florida, New York, California, or Virginia.
• Occasional travel may be required to provide information security services.