Client Security Architect ES / SOAR / UEBA / RBA / AI Agents / LLM

Role Overview

Seeking a senior Client Security Architect to design and implement enterprise security analytics solutions using Client Enterprise Security (ES), Client SOAR, UEBA, Risk-Based Alerting (RBA), AI Agents, LLMs, and security automation frameworks.

Responsibilities

• Architect and enhance Client ES/SOAR security operations platforms

• Design detection engineering frameworks, correlation searches, dashboards, and threat hunting capabilities

• Develop RBA frameworks to improve alert prioritization and reduce SOC noise

• Implement UEBA for behavioral analytics, anomaly detection, and threat detection

• Build and optimize SOAR playbooks and automated response workflows

• Integrate Client with:

  • EDR/XDR

  • IAM

  • Cloud Security

  • Threat Intelligence

  • Vulnerability Management platforms

AI / LLM / AI Agent Capabilities

• Design AI-driven SOC workflows using LLMs and AI Agents

• Build AI agents for:

  • Alert triage

  • Threat investigation

  • Log analysis

  • Incident summarization

  • Automated remediation recommendations

• Develop AI-assisted threat hunting and natural language-to-SPL workflows

• Experience with RAG, prompt engineering, AI security controls, and secure AI integrations

Programming & Automation Skills

• Strong Python development for:

  • SOAR playbooks

  • Security automation

  • API integrations

  • AI agent workflows

  • Data enrichment pipelines

• Experience with:

  • SPL (Client Search Processing Language)

  • REST APIs

  • JSON

  • SQL

  • JavaScript/TypeScript for integrations and automation

  • Bash/Linux scripting

• Experience integrating security platforms using APIs and automation frameworks

• Familiarity with AI frameworks such as:

  • LangChain

  • LlamaIndex

  • Azure OpenAI / AWS Bedrock integrations

Required Experience

• 10+ years cybersecurity experience

• 5+ years Client architecture experience

• Strong experience with Client ES, SOAR, UEBA, RBA, SPL, and detection engineering

• Experience modernizing SOC operations with automation and AI capabilities

• Enterprise-scale security architecture experience

Preferred Certifications

• Client Certified Architect

• Client ES / SOAR Certifications

• CISSP or equivalent security certifications

E-Verify: United States Employment Opportunities Only

E-Verify is an internet-based system operated by the Department of Homeland Security and the Social Security Administration and allows employers to confirm an individual s employment eligibility to work in the United States. Under the E-Verify rules, effective September 8, 2009, federal agencies subject to the Federal Acquisition Regulation are required to modify, and include in new contracts, a provision that requires federal contractors and subcontractors to use E-Verify. ITCO Solutions is required to adhere to these requirements.