📌 Job Title: Senior Cybersecurity Architect – SIEM/SOC & Incident Response
Company: ITHR Tech
Location: UAE (Onsite or Offshore)
Availability: Immediate Joiners Preferred
Salary: Negotiable
Experience: 15–20 years in Cybersecurity
🔎 About the Role
ITHR Tech is seeking a highly experienced Senior Cybersecurity Architect to lead SIEM/SOC modernization, cybersecurity architecture assessments, and incident response capability uplift. This role requires strong technical depth, strategic thinking, and the ability to drive large-scale transformation programs across enterprise environments, including banking, finance, and telecom.
🎯 Key Responsibilities
1. Cybersecurity Architecture Assessment & Strategy
Conduct end-to-end assessments of SIEM architecture, SOC operations, and enterprise IR capabilities.
Evaluate maturity across people, processes, and technology to identify strengths and gaps.
Benchmark against global frameworks (NIST CSF, ISO 27001, MITRE ATT&CK).
Develop a modernization roadmap for SIEM, SOC, and IR functions.
2. SIEM Optimization & Enhancement
Redesign SIEM architecture and log ingestion strategy for improved visibility and performance.
Enhance log parsing, normalization, enrichment, and ingestion for cloud, endpoints, networks, and OT/ICS systems.
Improve correlation rules, use cases, and alert tuning to reduce false positives.
Implement advanced threat detection aligned to MITRE ATT&CK.
Establish SIEM governance, rule-tuning methodology, and operational best practices.
3. SOC Maturity Improvement & Operational Excellence
Assess SOC workflows, shift models, tooling, and tiered analyst responsibilities.
Redesign triage and escalation processes to improve SLA adherence and response efficiency.
Strengthen integration across SIEM, SOAR, TIP, EDR, ticketing, and threat intel platforms.
Develop/refine IR playbooks for major incident scenarios.
Lead SOC modernization with automation, orchestration, and capability uplift.
4. Incident Response Uplift
Evaluate IR processes including detection, containment, eradication, and recovery.
Conduct tabletop exercises and simulation-based training to enhance readiness.
Improve cross-functional coordination across IT, Security, Risk, and Compliance teams.
Advise leadership on emerging threats and best-practice response strategies.
5. Implementation Leadership & Delivery
Lead implementation of all recommended enhancements across SIEM, SOC, and IR functions.
Manage cross-functional workstreams to ensure successful delivery and adoption.
Ensure all changes meet regulatory, compliance, and cybersecurity best-practice standards.
Track and report KPIs such as MTTD, MTTR, false-positive rates, use-case effectiveness, and detection coverage.
🧩 Required Expertise
15–20 years of hands-on cybersecurity experience.
Strong expertise in SIEM/SOC design, engineering, and operations.
Experience in cybersecurity governance, compliance, and risk management.
Proven track record conducting security architecture reviews and cyber maturity assessments.
Ability to effectively collaborate with IT, security teams, and external vendors.
Industry experience in banking, finance, telecom, or large enterprise environments.
Strong communication, leadership, and stakeholder engagement skills.
📍 Work Model
Location: UAE
Engagement: Onsite or Offshore
Start Date: Immediate joiners preferred
