Security Architect

About the Job:

The company is a global leader in digital transformation, employing around 56,000 individuals and generating approximately €7.2 billion in annual revenue. With operations in 54 countries, it is recognized as Europe’s number one in cybersecurity and a leader in cloud services. The company is dedicated to providing tailored, AI-powered, end-to-end solutions for various industries, aiming for a secure and decarbonized future.

Role Summary:

We are seeking an experienced Security Architect who will serve as a senior technical security resource at a customer site. This role involves managing Security Information and Event Management (SIEM) operations, supporting L1/L2 analysts, conducting advanced investigations, maintaining security tools, and advising customers on security operations decisions.

Key Responsibilities:

• SOC Administration & SIEM Management: Administer and manage SIEM platforms including ArcSight ESM and Logger; monitor platform health and troubleshoot issues; develop and maintain SIEM content.
• SOC Operations & Incident Response: Conduct deep analysis of security alerts and suspicious activities; lead incident triage and post-incident reporting; support security teams during major incidents.
• SIEM Engineering & Detection Engineering: Create and tune detection rules and monitoring use cases aligned with MITRE ATT&CK; validate rule logic and improve SOC investigation quality.
• Technology Support: Work with technologies such as EDR/XDR platforms, antivirus solutions, and cloud security services. Assist in tool integration and operational improvement discussions.
• Customer-Facing Responsibilities: Collaborate with customer security and IT teams on daily operations, provide technical guidance, and prepare SOC reports.

Required Skills & Experience:

• 5-8+ years of cybersecurity experience, notably in SOC operations and SIEM administration.
• Hands-on experience with ArcSight ESM, Logger, correlation rules, and threat detection.
• Proficient understanding of SOC processes, alert triage, incident response, and threat hunting.
• Strong troubleshooting abilities for SIEM and related technologies.
• Comfortable working independently with minimal supervision.

Preferred Certifications:

• ArcSight/SIEM-specific certification
• Microsoft Azure Security certification (AZ-500 or equivalent)
• AWS Security Specialty or equivalent, and other relevant cybersecurity certifications such as CISSP, CISM, or CompTIA Security+.

Preferred Candidate Profile:

• Currently based in the UAE or able to relocate immediately.
• Comfortable working full-time on-site at customer premises and effectively communicating with stakeholders.

At the company, we value diversity and inclusion in our workplace and are committed to a fair working environment for all.