Arrow - SOC Architect (7-15 yrs)

SOC Architect, Lead Analyst

Job Description :

We are seeking a highly experienced SOC Architect, Lead Analyst, to join our global Cyber Operations team. This role involves leading and enhancing our security operations capabilities across various environments, including cloud and on-premises systems. The ideal candidate will have a deep background in SOC operations, incident response, and advanced threat management, with a focus on automation and integration of cutting-edge security technologies.

What you will be doing :

Leading SOC Operations :

- Implement, and optimize SOC architectures and processes to effectively detect and respond to cyber threats.

- Develop and manage advanced security monitoring and SOC response frameworks, leveraging tools such as Microsoft Sentinel and other cloud-native SOC platforms.

Case Management and Response :

- Lead and manage critical security events, including complex investigations and forensic analysis.

- Develop and refine SOC playbooks and procedures to ensure efficient and effective resolution or escalation of security events.

Automation and Integration :

- Implement and manage Security Orchestration, Automation, and Response (SOAR) solutions to streamline SOC operations.

- Create and optimize automation rules and workflows to enhance incident detection and response capabilities.

- Integrate SOC tools and platforms to ensure seamless data flow and operational efficiency.

Threat Intelligence and Hunting :

- Analyze threat intelligence data to identify emerging threats and vulnerabilities and integrate this intelligence into SOC operations.

- Conduct advanced threat hunting activities and develop strategies to proactively identify and mitigate potential threats.

Team Leadership and Development :

- Mentor and guide SOC team members, including SOC Level 1 Analysts, providing leadership on complex incidents and security challenges.

- Collaborate with other teams and departments to ensure cohesive and coordinated security efforts across the organization.

Continuous Improvement :

- Stay current with the latest cybersecurity trends, threats, and technologies to continuously enhance SOC operations.

- Contribute to the development of new use cases, dashboards, and reporting templates to improve SOC performance and visibility.

Key Accountabilities :

- Shift Lead for SOC in maintaining security operations across private, hybrid, and public cloud environments.

- Ensure timely and effective resolution of security events and escalate complex issues as necessary.

- Ensure SOC capabilities with training and skill development that aligns with continuous improvement to handle complex and evolving cyber threats.

- Develop custom parsers and enrichments for improved alert handling.

- Collaborate with vendors and internal teams to resolve security issues and enhance SOC capabilities.

- Maintain compliance with legal, regulatory, and industry standards.

What we are looking for :

Experience :

- 7- 15 years of experience in SOC roles, with a strong focus on SOC event management, threat management, and SOC architecture.

- Proven track record of managing large-scale SOC operations in global environments. Must be a self-starter and motivated to bring more to this role and team than what is directed.

Technical Skills :

- In depth experience with cloud-native security tools, including Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Defender for Cloud.

- In depth experience with endpoint detection and response (EDR) including Microsoft Defender for Endpoint.

- In depth experience with identity concepts, including multifactor authentication, authentication protocols, user behaviors.

- In-depth understanding of cloud and endpoint, including malware forensics, browser forensics, cloud forensics, mobile device forensics.

- Experience with network security tools, including Palo Alto and web application firewalls (WAFs) like Akamai, Cloudflare and Azure WAF.

- Advanced knowledge of scripting and automation using languages.

- Experience with SOAR platforms and security automation.

Certifications :

- Relevant certifications such as CISSP, CISM, CCSP, GCIH, or GIAC Security Operations Certified (GSOC) are highly desirable.

- Additional certifications in cloud security or incident response are a plus.

Soft Skills :

- Strong analytical and problem-solving skills with the ability to handle complex security events.

- Excellent communication skills to articulate security concepts to both technical and non-technical stakeholders.

- Highly organized, detail-oriented, and capable of working under pressure in a dynamic environment.

Shift Coverage : Rotational 24x7 shifts.

Arrow Electronics, Inc. (NYSE: ARW), an award-winning Fortune 133 and one of Fortune Magazines Most Admired Companies. Arrow guides innovation forward for over 220,000 leading technology manufacturers and service providers. With 2023 sales of USD $33.11 billion, Arrow develops technology solutions that improve business and daily life. Our broad portfolio that spans the entire technology landscape helps customers create, make and manage forward-thinking products that make the benefits of technology accessible to as many people as possible. Our strategic direction of guiding innovation forward is expressed as Five Years Out, a way of thinking about the tangible future to bridge the gap between what's possible and the practical technologies to make it happen.