Senior Cybersecurity Architect

Qode

United Arab Emirates

Hybrid

AED 120,000 - 200,000

Full time

Yesterday

Job summary

A leading technology consultancy in the UAE is seeking an experienced Senior Cybersecurity Architect to lead SIEM/SOC modernization and incident response capability improvement. The role requires strong expertise in cybersecurity architecture, with a focus on enhancing SOC operations and ensuring compliance with best practices. Candidates should have 15–20 years of relevant experience, particularly in banking, finance, or telecom environments. Immediate joiners are preferred, with an option for onsite or offshore engagement.

Benefits

Negotiable salary
Immediate start date

Qualifications

  • 15–20 years of hands-on cybersecurity experience.
  • Strong expertise in SIEM/SOC design, engineering, and operations.
  • Experience in cybersecurity governance and compliance.

Responsibilities

  • Lead SIEM/SOC modernization and incident response capability uplift.
  • Conduct end-to-end assessments of SIEM architecture and SOC operations.
  • Evaluate and redesign triage and escalation processes.

Skills

Cybersecurity Architecture
Incident Response
SIEM/SOC Operations
Risk Management
Stakeholder Engagement

Job description

Senior Cybersecurity Architect – SIEM/SOC & Incident Response

Company: ITHR Tech

Location: UAE (Onsite or Offshore)

Availability: Immediate Joiners Preferred

Salary: Negotiable

Experience: 15–20 years in Cybersecurity

About the Role

ITHR Tech is seeking a highly experienced Senior Cybersecurity Architect to lead SIEM/SOC modernization, cybersecurity architecture assessments, and incident response capability uplift. This role requires strong technical depth, strategic thinking, and the ability to drive large‑scale transformation programs across enterprise environments, including banking, finance, and telecom.

Key Responsibilities
1. Cybersecurity Architecture Assessment & Strategy
  • Conduct end‑to‑end assessments of SIEM architecture, SOC operations, and enterprise IR capabilities.
  • Evaluate maturity across people, processes, and technology to identify strengths and gaps.
  • Benchmark against global frameworks (NIST CSF, ISO 27001, MITRE ATT&CK).
  • Develop a modernization roadmap for SIEM, SOC, and IR functions.
2. SIEM Optimization & Enhancement
  • Redesign SIEM architecture and log ingestion strategy for improved visibility and performance.
  • Enhance log parsing, normalization, enrichment, and ingestion for cloud, endpoints, networks, and OT/ICS systems.
  • Improve correlation rules, use cases, and alert tuning to reduce false positives.
  • Implement advanced threat detection aligned to MITRE ATT&CK.
  • Establish SIEM governance, rule‑tuning methodology, and operational best practices.
3. SOC Maturity Improvement & Operational Excellence
  • Assess SOC workflows, shift models, tooling, and tiered analyst responsibilities.
  • Redesign triage and escalation processes to improve SLA adherence and response efficiency.
  • Strengthen integration across SIEM, SOAR, TIP, EDR, ticketing, and threat intel platforms.
  • Develop/refine IR playbooks for major incident scenarios.
  • Lead SOC modernization with automation, orchestration, and capability uplift.
4. Incident Response Uplift
  • Evaluate IR processes including detection, containment, eradication, and recovery.
  • Conduct tabletop exercises and simulation‑based training to enhance readiness.
  • Improve cross‑functional coordination across IT, Security, Risk, and Compliance teams.
  • Advise leadership on emerging threats and best‑practice response strategies.
5. Implementation Leadership & Delivery
  • Lead implementation of all recommended enhancements across SIEM, SOC, and IR functions.
  • Manage cross‑functional workstreams to ensure successful delivery and adoption.
  • Ensure all changes meet regulatory, compliance, and cybersecurity best‑practice standards.
  • Track and report KPIs such as MTTD, MTTR, false‑positive rates, use‑case effectiveness, and detection coverage.
Required Expertise
  • 15–20 years of hands‑on cybersecurity experience.
  • Strong expertise in SIEM/SOC design, engineering, and operations.
  • Experience in cybersecurity governance, compliance, and risk management.
  • Proven track record conducting security architecture reviews and cyber maturity assessments.
  • Ability to effectively collaborate with IT, security teams, and external vendors.
  • Industry experience in banking, finance, telecom, or large enterprise environments.
  • Strong communication, leadership, and stakeholder engagement skills.
Work Model

Location: UAE

Engagement: Onsite or Offshore

Start Date: Immediate joiners preferred
