Lead Security Architect

Role & responsibilities

Description:

Lead Security Engineer

Key Responsibilities:

Security Operations & Incident Response

• Serve as the technical lead for incident response activities, ensuring swift analysis, containment, and resolution of threats.
• Design and execute tabletop exercises and red/purple team assessments.
• Maintain and enhance the organization's Cyber Incident Response Plan (CIRP) in alignment with NIST 2.0.

Vulnerability Management & Remediation

• Lead vulnerability assessments and penetration tests (internal/external); collaborate with stakeholders to drive remediation efforts.
• Automate patch and configuration management pipelines to maintain system integrity across hybrid environments.
• Partner with the InfoSec Manager to present findings and remediation roadmaps to leadership.

Security Architecture & Implementation

• Implement security controls and architectures across AWS, Azure, GCP, and M365 environments.
• Design and deploy Network Access Control (NAC), endpoint protection, firewalls, IDS/IPS, and other core security infrastructure.
• Champion zero-trust and least-privilege access models in system design.

Monitoring, Detection & Automation

• Develop and maintain correlation rules and custom alerts in SIEM platforms (e.g., Splunk, QRadar, Sentinel).
• Integrate threat intelligence feeds and behavioral analytics into detection strategies.
• Contribute to the build-out of automated response capabilities via SOAR/SIEM platforms and scripting (Python/PowerShell preferred).

Governance, Risk & Compliance (GRC)

• Support compliance initiatives for GDPR, HIPAA, ISO 27001, NIST, and CIS Controls.
• Contribute to audits and internal risk assessments with detailed technical documentation and evidence collection.
• Implement metrics and dashboards to track tool coverage, policy compliance, and SLA adherence.

Mentoring & Collaboration

• Mentor junior engineers and serve as a technical escalation point for complex security issues.
• Collaborate cross-functionally with IT, DevOps, Legal, and third-party vendors to enhance security posture.
• Evaluate and test emerging tools and technologies for continuous improvement.

Required Skills & Qualifications:

• Bachelors degree in Computer Science, Information Security, or related field (or equivalent experience).

• 8+ years of hands-on IT/Security experience

  , with at least 2+ years in a leadership or senior engineer role.
• Strong expertise in security frameworks:

  NIST 800-53/CSF, MITRE ATT&CK, CIS Controls, ISO/IEC 27001.

• Deep knowledge of

  cloud security best practices

  across AWS, Azure, GCP.
• Strong skills in

  SIEM, EDR, NAC, firewalls, vulnerability management

  , and

  network protocols

  (TCP/IP, DNS, VPN, etc.).
• Experience with

  scripting languages

  (Python, Bash, PowerShell) for automation.
• Proven experience in

  incident response and forensic analysis

  .
• Excellent verbal and written communication skills, including the ability to present complex technical findings clearly.

Preferred Certifications:

• CISSP, OSCP, CEH, GIAC, GCIH, or similar
• Microsoft SC-100 / AZ-500, AWS Security Specialty, or equivalent cloud security certifications