Company hidden
10 hours ago

Security Architect

Work format
remote (USA only)
Job type
fulltime
Grade
senior
English
b2
Country
US
Job from the Hirify Global list of international tech companies

Job description


TL;DR

Security Architect (Detection Engineering): Building and maintaining detection rules in a centralized SIEM environment, with an emphasis on reducing false positives and improving enterprise security monitoring coverage. Focus on detection gap analysis, MITRE ATT&CK-aligned rule development, and close SOC collaboration to strengthen detection and response workflows.

Location: Remote (US); preference for candidates able to be onsite in Columbia, South Carolina as needed

Company

hirify.global is a technology and professional services firm specializing in innovative technologies.

What you will do

  • Review, tune, and maintain existing SIEM detection rules; develop new rules to close coverage gaps.
  • Monitor threat intelligence sources and translate new use cases into detection logic.
  • Perform detection coverage gap analysis and align detection logic with adversary tactics, techniques, and procedures using MITRE ATT&CK.
  • Partner with SOC analysts and threat hunting teams to create, validate, and refine detection rules and monitoring workflows.
  • Document detection processes, runbooks, and troubleshooting steps; support dashboards and reporting for security operations visibility.
  • Engage agency stakeholders to improve adoption of centralized security services and provide customer-focused support.

Requirements

  • Bachelor’s degree in IT/Information Security or related field, or equivalent professional experience.
  • 5+ years supporting large IT environments or system deployments.
  • 5+ years of scripting and automation using Python, Bash, PowerShell, or similar languages.
  • Experience with Sigma and YARA (or other industry-standard detection languages).
  • Experience working with the MITRE ATT&CK framework and detection rule development/tuning.
  • Strong written and verbal communication skills.

Nice to have

  • Experience with Palo Alto Cortex XSIAM.
  • Deep understanding of Windows and Linux artifacts; experience in multi-tenant environments.
  • Experience supporting multi-agency or enterprise security service projects.
  • CISSP/CISA/CISO or equivalent advanced security certifications; CEH/OSCP/GPEN and other vendor certifications.
  • Candidate located in or near Columbia, South Carolina.

Culture & Benefits

  • Fully remote role with US focus.
  • Competitive salary.
  • Onsite availability in Columbia, South Carolina as needed.
