Cyber Security Architect

Key Responsibilities Cyber Security\n\nSecurity Monitoring Incident Response\nMonitor security s using SIEM EDR and XDR tools\nInvestigate and respond to security incidents end-to-end including containment and remediation\nLead post incident analysis and document lessons learned\n\nThreat Detection Threat Hunting\nPerform proactive threat hunting using logs endpoint telemetry and network data\nDevelop and tune detection rules aligned with MITRE ATTCK\nConvert threat hunting findings into new detection use cases\n\nVulnerability Exposure Management\nConduct vulnerability scans and assess risk severity\nTrack remediation with infrastructure and application owners\nValidate fixes and ensure closure within defined SLAs\n\nSecurity Engineering Hardening\nImplement and maintain security baselines for Windows Linux Active Directory O365 and cloud platforms\nHarden endpoints servers network devices and cloud workloads\nSupport purple team and security validation exercises\n\nSecurity Tools Platforms\nOperate and tune tools such as\nSIEM SOAR Microsoft Sentinel Splunk\nEDR XDR Microsoft Defender CrowdStrike\nFirewalls IDSIPS WAF\nCloud security platforms\n\nGovernance Risk Compliance Support\nSupport audits and compliance activities aligned to ISO 27001 NIST CSF PCI DSS and regional regulations\nPrepare security evidence reports and dashboards for management\n\nDocumentation Reporting\nMaintain incident reports runbooks dashboards and operational metrics MTTD MTTR\nProvide executive level summaries of security posture and incidents\n\nRequired Qualifications Experience\n7-10 years in Cyber Security Operations or Incident Response roles\n\nTechnical Skills\nStrong hands-on experience with SIEM EDR firewalls vulnerability management tools\nKnowledge of Windows Linux networking and cloud security concepts\nFrameworks\nMITRE ATTCK NIST ISO 27001\nOptional Defender mail security DLP Imperva DAM\n\nScripting Preferred\nPowerShell Python or KQL for automation and detection engineering\n\nPreferred Certifications\nCISSP CISM CISA\nGCIA GCIH GCED\nMicrosoft SC200 AZ500\nCompTIA Security CySA