Starlink Qatar
Solution Architect – Managed Security
Starlink Qatar · Qatar · 7 days ago
Full-time · Information Technology

Job Description – Solution Architect, Managed Security


Job Purpose

The SOC Solution Architect will be responsible for designing and delivering advanced Security Operations Center (SOC) solutions, including SIEM, SOAR, UEBA, Threat Intelligence Platforms, and AI-driven automation technologies. The role includes integrating Agentic Security AI capabilities to elevate threat detection, response orchestration, and predictive defense. This position requires deep technical skills, strong client engagement, and a future-ready mindset aligned with Qatar’s national cybersecurity objectives.


Key Responsibilities

  • Engage with enterprise and government customers to understand their needs and build SOC/Security solution architectures that align with their requirements and budget.
  • Study existing security solutions and environments to propose enhanced or next-generation SOC solutions using SIEM, SOAR, UEBA, and Agentic AI technologies.
  • Prepare comprehensive technical documentation including High-Level Designs (HLD), Low-Level Designs (LLD), presentations, proposals, and Bill of Materials.
  • Lead use case development, custom correlation rules, and advanced analytics mapping using MITRE ATT&CK and AI-driven behavioral baselining.
  • Design and lead the end-to-end implementation of SOC solutions, including log source onboarding, detection rule development, use case implementation, and automation workflows.
  • Ensure seamless integration of SOC components with existing security and network infrastructure (e.g., firewalls, endpoints, cloud platforms, proxies, TIPs).
  • Support escalation handling during solution deployment or operations, particularly for complex issues involving SIEM rules, SOAR playbooks, or AI-based automation.
  • Oversee the deployment of SOC components by security engineers and implementation teams, ensuring delivery quality and technical accuracy.
  • Conduct regular stakeholder workshops, architecture reviews, and integration meetings to align solution outcomes with customer expectations.
  • Compile and present technical and executive-level reports, detection coverage summaries, and platform health metrics to customers as required.
  • Design and implement AI-enhanced threat detection use cases, including behavioral baselining, anomaly scoring, and predictive analytics.
  • Drive the adoption of Agentic Security AI, integrating autonomous agents for alert triage, incident enrichment, and self-healing response flows.
  • Stay up to date with evolving cybersecurity technologies, compliance frameworks, and AI advancements relevant to SOC modernization.

Required Skills & Qualifications

    Core SOC Skills:

    • Must have 12–16 years of cybersecurity experience, with at least 5 years in SOC/SIEM architecture and delivery.
    • Proven expertise in platforms like Splunk, Microsoft Sentinel, and Google Chronicle.
    • Hands-on experience with SOAR platforms (e.g., Cortex XSOAR, Splunk SOAR).
    • Experience building threat intelligence pipelines, UEBA, detection logic, and SOC use cases.

    Agentic Security AI & Advanced Automation:

    • Understanding of Agentic Security AI concepts, including autonomous agents for detection, triage, and incident response.
    • Experience integrating AI/ML models into SIEM/SOAR ecosystems for behavioral analytics, anomaly detection, or phishing response.
    • Exposure to LLM-assisted SOC tools (e.g., Microsoft Copilot for Security, Elastic AI Assistant, Sentinel ML-based analytics).
    • Familiarity with building or fine-tuning detection logic using data science techniques or scripting (Python, Jupyter Notebooks).
    • Awareness of ethical AI, model accuracy, drift handling, and explainability in cybersecurity contexts.

    Additional Skills:

    • Strong knowledge of enterprise network and security infrastructure.
    • Excellent presentation, documentation, and customer communication abilities.
    • Cybersecurity certifications such as CISSP, GIAC, or vendor-specific SIEM/AI certifications are a plus.
    • Experience across Banking, Public Sector, or Critical Infrastructure verticals.
