Security Architect
Fully Remote - US
Security Architect
Full Time • Fully Remote - US
Benefits:
- Competitive salary
Location
Remote
Preference for candidates able to be onsite in Columbia, South Carolina as needed
Preference for candidates able to be onsite in Columbia, South Carolina as needed
Experience Level
Senior Level (5 or more years of relevant experience)
Role Overview
The Security Architect – Consultant serves as a detection engineer supporting enterprise security monitoring and response capabilities. This role focuses on creating, tuning, and maintaining detection rules within a centralized monitoring environment. The position works closely with SOC analysts, threat hunters, engineering teams, and agency stakeholders to improve detection coverage, reduce false positives, and strengthen enterprise security operations.
Key Responsibilities
Detection Engineering & Rule Development
- Review, tune, and maintain existing detection rules within the SIEM environment
- Develop new detection rules and solutions to address identified coverage gaps
- Monitor threat intelligence sources to identify new detection use cases
- Use industry-standard detection approaches to improve threat visibility and response effectiveness
Coverage Analysis & Threat Alignment
- Perform gap analysis of current detection coverage
- Partner with threat hunting teams to identify and remediate detection gaps
- Align detection logic with known adversary tactics, techniques, and procedures
- Apply MITRE ATT&CK mapping to support detection strategy and coverage analysis
SOC Collaboration & Operational Support
- Work with SOC analysts to create, validate, and tune detection rules
- Coordinate with engineering, SOC, and agency staff to meet security operations goals
- Support troubleshooting and refinement of monitoring workflows
- Provide technical input for security operations improvement initiatives
Documentation, Runbooks & Reporting
- Document detection processes, runbooks, and troubleshooting steps
- Create and maintain documentation supporting detection engineering and monitoring workflows
- Support dashboard creation and reporting for security operations visibility
- Communicate detection updates, findings, and recommendations to stakeholders
Stakeholder Engagement & Service Adoption
- Engage with agency stakeholders to promote and improve adoption of centralized security services
- Provide clear communication and customer-focused support for agency-facing security needs
- Support multi-agency and enterprise service delivery through consistent processes and documentation
Required Qualifications
- Bachelor’s degree in Information Technology, Information Security, or related field, or equivalent professional experience
- 5 or more years of experience supporting large IT environments or system deployments
- 5 or more years of experience with scripting and automation using Python, Bash, PowerShell, or similar languages
- Experience with Sigma, YARA, and other industry-standard detection languages
- Experience working with the MITRE ATT&CK framework
- Proven experience with detection rule development, tuning, or security monitoring improvement
- Strong written and verbal communication skills
Preferred Qualifications
- Experience with the Palo Alto Cortex XSIAM platform
- Deep understanding of Windows and Linux artifacts
- Experience working in multi-tenant environments
- Experience supporting multi-agency or enterprise security service projects
- CISSP, CISA, CISO, or equivalent advanced security certification
- Additional security certifications such as CEH, OSCP, or GPEN
- Vendor certifications in detection engineering
- Candidate located in or near Columbia, South Carolina
Core Skills & Attributes
- Strong analytical and investigative mindset
- Ability to identify detection gaps and translate findings into actionable improvements
- Strong scripting and automation capabilities
- Clear communication with technical and non-technical stakeholders
- Customer-focused approach for agency-facing engagement
- Strong documentation discipline and attention to operational detail
- Ability to collaborate effectively across SOC, engineering, and stakeholder teams
This is a remote position.
Established in 2004, Smart Tech Skills is a top technology and professional services firm specializing in innovative technologies.
Headquartered in Marlborough, MA, the company effectively addresses clients’ technology needs nationwide, making advanced technology management easier.
Headquartered in Marlborough, MA, the company effectively addresses clients’ technology needs nationwide, making advanced technology management easier.
(if you already have a resume on Indeed)