Architect - SecOps

We are seeking a highly experienced SOC Architect, Lead Analyst, to join our global Cyber Operations team. This role involves leading and enhancing our security operations capabilities across various environments, including cloud and on-premises systems. The ideal candidate will have a deep background in SOC operations, incident response, and advanced threat management, with a focus on automation and integration of cutting-edge security technologies.

What you will be doing:

Leading SOC Operations:

• Implement, and optimize SOC architectures and processes to effectively detect and respond to cyber threats.
• Develop and manage advanced security monitoring and SOC response frameworks, leveraging tools such as Microsoft Sentinel and other cloud-native SOC platforms.

Case Management and Response:

• Lead and manage critical security events, including complex investigations and forensic analysis.
• Develop and refine SOC playbooks and procedures to ensure efficient and effective resolution or escalation of security events.

Automation and Integration:

• Implement and manage Security Orchestration, Automation, and Response (SOAR) solutions to streamline SOC operations.
• Create and optimize automation rules and workflows to enhance incident detection and response capabilities.
• Integrate SOC tools and platforms to ensure seamless data flow and operational efficiency.

Threat Intelligence and Hunting:

• Analyze threat intelligence data to identify emerging threats and vulnerabilities and integrate this intelligence into SOC operations.
• Conduct advanced threat hunting activities and develop strategies to proactively identify and mitigate potential threats.

Team Leadership and Development:

• Mentor and guide SOC team members, including SOC Level 1 Analysts, providing leadership on complex incidents and security challenges.
• Collaborate with other teams and departments to ensure cohesive and coordinated security efforts across the organization.

Continuous Improvement:

• Stay current with the latest cybersecurity trends, threats, and technologies to continuously enhance SOC operations.
• Contribute to the development of new use cases, dashboards, and reporting templates to improve SOC performance and visibility.

Key Accountabilities:

• Shift Lead for SOC in maintaining security operations across private, hybrid, and public cloud environments.
• Ensure timely and effective resolution of security events and escalate complex issues as necessary.
• Ensure SOC capabilities with training and skill development that aligns with continuous improvement to handle complex and evolving cyber threats.
• Develop custom parsers and enrichments for improved alert handling.
• Collaborate with vendors and internal teams to resolve security issues and enhance SOC capabilities.
• Maintain compliance with legal, regulatory, and industry standards.

What we are looking for :

Experience:

• 7-15 years of experience in SOC roles, with a strong focus on SOC event management, threat management, and SOC architecture.
• Proven track record of managing large-scale SOC operations in global environments.  Must be a self-starter and motivated to bring more to this role and team than what is directed. 

Technical Skills:

• In depth experience with cloud-native security tools, including Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Defender for Cloud.
• In depth experience with endpoint detection and response (EDR) including Microsoft Defender for Endpoint.
• In depth experience with identity concepts, including multifactor authentication, authentication protocols, user behaviors.
• In-depth understanding of cloud and endpoint, including malware forensics, browser forensics, cloud forensics, mobile device forensics.
• Experience with network security tools, including Palo Alto and web application firewalls (WAFs) like Akamai, Cloudflare and Azure WAF.
• Advanced knowledge of scripting and automation using languages.
• Experience with SOAR platforms and security automation.

Certifications:

• Relevant certifications such as CISSP, CISM, CCSP, GCIH, or GIAC Security Operations Certified (GSOC) are highly desirable.
• Additional certifications in cloud security or incident response are a plus.

Soft Skills:

• Strong analytical and problem-solving skills with the ability to handle complex security events.
• Excellent communication skills to articulate security concepts to both technical and non-technical stakeholders.
• Highly organized, detail-oriented, and capable of working under pressure in a dynamic environment.

Shift Coverage: Rotational 24x7 shifts.

Arrow Electronics, Inc. (NYSE: ARW), an award-winning Fortune 133 and one of Fortune Magazine’s Most Admired Companies. Arrow guides innovation forward for over 220,000 leading technology manufacturers and service providers. With 2023 sales of USD $33.11 billion, Arrow develops technology solutions that improve business and daily life. Our broad portfolio that spans the entire technology landscape helps customers create, make and manage forward-thinking products that make the benefits of technology accessible to as many people as possible. Learn more at www.arrow.com.
Our strategic direction of guiding innovation forward is expressed as Five Years Out, a way of thinking about the tangible future to bridge the gap between what's possible and the practical technologies to make it happen. Learn more at https://www.fiveyearsout.com/.