Client Security Architect - ES / SOAR / UEBA / RBA / AI Agents / LLM

Role Overview

Seeking a senior Client Security Architect to design and implement enterprise security analytics solutions using Client Enterprise Security (ES), Client SOAR, UEBA, Risk-Based Alerting (RBA), AI Agents, LLMs, and security automation frameworks.

Responsibilities

• Architect and enhance Client ES/SOAR security operations platforms

• Design detection engineering frameworks, correlation searches, dashboards, and threat hunting capabilities

• Develop RBA frameworks to improve alert prioritization and reduce SOC noise

• Implement UEBA for behavioral analytics, anomaly detection, and threat detection

• Build and optimize SOAR playbooks and automated response workflows

• Integrate Client with:

  • EDR/XDR

  • IAM

  • Cloud Security

  • Threat Intelligence

  • Vulnerability Management platforms

AI / LLM / AI Agent Capabilities

• Design AI-driven SOC workflows using LLMs and AI Agents

• Build AI agents for:

  • Alert triage

  • Threat investigation

  • Log analysis

  • Incident summarization

  • Automated remediation recommendations

• Develop AI-assisted threat hunting and natural language-to-SPL workflows

• Experience with RAG, prompt engineering, AI security controls, and secure AI integrations

Programming & Automation Skills

• Strong Python development for:

  • SOAR playbooks

  • Security automation

  • API integrations

  • AI agent workflows

  • Data enrichment pipelines

• Experience with:

  • SPL (Client Search Processing Language)

  • REST APIs

  • JSON

  • SQL

  • JavaScript/TypeScript for integrations and automation

  • Bash/Linux scripting

• Experience integrating security platforms using APIs and automation frameworks

• Familiarity with AI frameworks such as:

  • LangChain

  • LlamaIndex

  • Azure OpenAI / AWS Bedrock integrations

Required Experience

• 10+ years cybersecurity experience

• 5+ years Client architecture experience

• Strong experience with Client ES, SOAR, UEBA, RBA, SPL, and detection engineering

• Experience modernizing SOC operations with automation and AI capabilities

• Enterprise-scale security architecture experience

Preferred Certifications

• Client Certified Architect

• Client ES / SOAR Certifications

• CISSP or equivalent security certifications

E-Verify: United States Employment Opportunities Only

E-Verify is an internet-based system operated by the Department of Homeland Security and the Social Security Administration and allows employers to confirm an individual's employment eligibility to work in the United States. Under the E-Verify rules, effective September 8, 2009, federal agencies subject to the Federal Acquisition Regulation are required to modify, and include in new contracts, a provision that requires federal contractors and subcontractors to use E-Verify. ITCO Solutions is required to adhere to these requirements.