More jobs:
Job Description & How to Apply Below
Key Responsibilities:
• SOC Architecture & Strategy
Define and own end-to-end SOC architecture (People, Process, Technology).
Design scalable SOC models – MSSP SOC, Hybrid SOC, Cloud SOC, and In-house SOC.
Establish SOC maturity models aligned with frameworks such as NIST CSF, NIST 800-61, ISO 27001, and MITRE ATT&CK.
Drive roadmap planning for SOC modernization, automation, and AI-led detection.
• Pre-Sales & Customer Advisory
Engage with CISOs, CXOs, and security leadership to understand business risks and SOC requirements.
Lead technical discovery, architecture workshops, and solution design discussions.
Own SOC-related RFP/RFI responses, solution blueprints, and pricing inputs.
Present SOC architecture, use cases, and value propositions to enterprise customers.
Support PoCs for SIEM, SOAR, EDR/XDR, UEBA, and Threat Intelligence platforms.
• SOC Engineering & Operations Enablement
Design detection strategies, correlation rules, and use-case frameworks.
Define SOC workflows for alert triage, incident response, threat hunting, and escalation.
Architect SOAR playbooks for automated response and enrichment.
Guide log source onboarding, data normalization, and retention strategies.
Ensure SOC performance metrics (MTTD, MTTR, false positives, coverage).
• Post-Sales & Delivery Governance
Provide architectural oversight during SOC deployments and transitions.
Review and validate configurations, dashboards, and reporting frameworks.
Mentor SOC managers, architects, and L2/L3 analysts.
Act as escalation point for complex incidents and architectural challenges.
Collaborate with OEMs for advanced troubleshooting and roadmap alignment.
Required Skills &
Qualifications:
8+ years in SOC architecture or leadership roles.
Proven experience designing and managing enterprises or MSSP SOCs.
Technical Expertise:
SIEM:
Splunk, IBM QRadar, Log Rhythm, Arc Sight, Sentinel, etc.
SOAR:
Palo Alto Cortex XSOAR, Splunk Phantom, Swimlane, etc.
EDR/XDR:
Crowd Strike, Sentinel One, Microsoft Defender, Trellix.
NDR:
Darktrace, Vectra, Extra Hop (or equivalent).
Threat Intelligence:
Anomali, MISP, Recorded Future, etc.
• Cloud Security: AWS/Azure/GCP logging, CSPM, CNAPP integration.
Strong understanding of detection engineering, threat hunting, and IR playbooks.
Frameworks & Standards:
MITRE ATT&CK, Cyber Kill Chain
NIST CSF, NIST 800-61, ISO 27001
Zero Trust Architecture, SOC maturity models
What We Offer:
Competitive salary and benefits package.
Opportunities for professional growth and advancement.
Exposure to cutting-edge technologies and projects.
A collaborative and supportive work environment.
How to Apply:
Interested candidates should submit a detailed resume and a cover letter outlining their qualifications and experience relevant to the role applied for. Applications should be sent via our careers portal or to [HIDDEN TEXT]
St. Fox is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×