Summary: The SOC Security Architect role involves leading the design, validation, and governance of enterprise security architecture in hybrid environments. This position is suited for a senior cybersecurity professional with a blend of technical expertise and strategic design thinking, capable of influencing various stakeholders. The role requires strong client-facing skills and hands-on experience with Splunk, along with a focus on security architecture and compliance. The opportunity is a remote long-term contract requiring U.S. citizenship and the ability to obtain a public trust clearance.
Key Responsibilities:
- Develop and maintain SOC security architecture for hybrid cloud, data center, identity, and endpoint ecosystems.
- Translate federal and organizational security requirements (NIST, RMF, Zero Trust) into enforceable technical control patterns, standards, and baselines.
- Conduct threat modeling and architecture risk assessments for new systems, major changes, and modernization initiatives.
- Define and document security reference architectures, data flows, segmentation models, and defense-in-depth control layers.
- Partner with Cloud, Network, IAM, DevSecOps, and SOC teams to ensure secure-by-design implementation throughout system lifecycles.
- Provide architectural review and approval for new deployments, configuration changes, tool onboarding, and emerging initiatives.
- Evaluate security technology capabilities and develop multi-year roadmap recommendations based on mission priorities and evolving threat landscape.
Key Skills:
- 8+ years of hands-on cybersecurity experience, including 4+ years in security architecture, engineering, or security design roles.
- Demonstrated ability to architect secure SOC solutions across hybrid environments (cloud + on-prem), including identity, network, data, and workload security, with a strong emphasis on SIEM (Splunk).
- Strong command of enterprise security control design and defense-in-depth principles.
- Knowledge of Zero Trust architectures and identity-centric access models.
- Experience with threat modeling and architecture risk assessment methodologies.
- Familiarity with security logging, telemetry, and monitoring architecture.
- Understanding of federal cybersecurity standards (NIST 800-53, 800-171, NIST CSF, FedRAMP, RMF).
- Ability to translate risk, threats, and compliance requirements into technical design decisions.
- Excellent written and verbal communication skills, including security architecture documentation and executive briefing.
Salary (Rate): negotiable
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
A recognized services company is actively seeking an experienced and forward-thinking SOC Security Architect to lead the design, validation, and governance of enterprise security architecture supporting hybrid environments. This role is ideal for a senior cybersecurity professional who combines deep technical expertise with strategic design thinking and the ability to influence across engineering, security, and executive stakeholders.
About the Opportunity:
- Remote, long-term contract opportunity
- Must be able to obtain and maintain the required agency clearance (6C Public Trust)
Expectations for the position:
- Client facing (excellent verbal and written communication)
- Hands-on Splunk architect/engineer experience
- Project management experience, to communicate tasks and timelines
- ITSM experience (ServiceNow preferred), to manage tickets
- Enterprise logging: design and improve log collection and telemetry to raise the probability of detection
- U.S. citizen (6C Public Trust)
Contributing Skills/Education:
- Splunk experience as an analyst (e.g., cyber threat hunting, cyber threat intel, red team, purple team, pentest)
- Splunk certifications
- GIAC certifications
- Architected solutions for SOC (e.g., EDR, NDR, AV, FW, ASM, DLP, CTEM, CAS, BAS, DFIR, Cloud - AWS)