Senior Cybersecurity Architect

Senior Cybersecurity Architect - SIEM/SOC & Incident Response

Company: ITHR Tech

Location: UAE (Onsite or Offshore)

Availability: Immediate Joiners Preferred

Salary: Negotiable

Experience: 15-20 years in Cybersecurity

About the Role

ITHR Tech is seeking a highly experienced Senior Cybersecurity Architect to lead SIEM/SOC modernization, cybersecurity architecture assessments, and incident response capability uplift. This role requires strong technical depth, strategic thinking, and the ability to drive large scale transformation programs across enterprise environments, including banking, finance, and telecom.

Key Responsibilities 1. Cybersecurity Architecture Assessment & Strategy

• Conduct end to end assessments of SIEM architecture, SOC operations, and enterprise IR capabilities.
• Evaluate maturity across people, processes, and technology to identify strengths and gaps.
• Benchmark against global frameworks (NIST CSF, ISO 27001, MITRE ATT&CK).
• Develop a modernization roadmap for SIEM, SOC, and IR functions.

2. SIEM Optimization & Enhancement

• Redesign SIEM architecture and log ingestion strategy for improved visibility and performance.
• Enhance log parsing, normalization, enrichment, and ingestion for cloud, endpoints, networks, and OT/ICS systems.
• Improve correlation rules, use cases, and alert tuning to reduce false positives.
• Implement advanced threat detection aligned to MITRE ATT&CK.
• Establish SIEM governance, rule tuning methodology, and operational best practices.

3. SOC Maturity Improvement & Operational Excellence

• Assess SOC workflows, shift models, tooling, and tiered analyst responsibilities.
• Redesign triage and escalation processes to improve SLA adherence and response efficiency.
• Strengthen integration across SIEM, SOAR, TIP, EDR, ticketing, and threat intel platforms.
• Develop/refine IR playbooks for major incident scenarios.
• Lead SOC modernization with automation, orchestration, and capability uplift.

4. Incident Response Uplift

• Evaluate IR processes including detection, containment, eradication, and recovery.
• Conduct tabletop exercises and simulation based training to enhance readiness.
• Improve cross functional coordination across IT, Security, Risk, and Compliance teams.
• Advise leadership on emerging threats and best practice response strategies.

5. Implementation Leadership & Delivery

• Lead implementation of all recommended enhancements across SIEM, SOC, and IR functions.
• Manage cross functional workstreams to ensure successful delivery and adoption.
• Ensure all changes meet regulatory, compliance, and cybersecurity best practice standards.
• Track and report KPIs such as MTTD, MTTR, false positive rates, use case effectiveness, and detection coverage.

Required Expertise

• 15-20 years of hands on cybersecurity experience.
• Strong expertise in SIEM/SOC design, engineering, and operations.
• Experience in cybersecurity governance, compliance, and risk management.
• Proven track record conducting security architecture reviews and cyber maturity assessments.
• Ability to effectively collaborate with IT, security teams, and external vendors.
• Industry experience in banking, finance, telecom, or large enterprise environments.
• Strong communication, leadership, and stakeholder engagement skills.

Work Model

Location: UAE

Engagement: Onsite or Offshore

Start Date: Immediate joiners preferred