Solstice Advanced Materials is a leading global specialty materials company that advances science for smarter outcomes. As a Lead Cybersecurity Architect/Engineer, you will serve as the technical lead for the Security Operations Center, focusing on threat detection, incident leadership, and improving security visibility across various environments.
Responsibilities:
- Act as the technical lead and escalation point for the SOC, guiding analysts during complex investigations and major incidents
- Design, implement, and tune threat detections across SIEM, EDR/XDR, and other security telemetry platforms
- Lead and coordinate incident response activities, including investigation, containment, eradication, and recovery
- Develop detection engineering practices aligned with adversary behaviors and frameworks such as MITRE ATT&CK
- Conduct proactive threat hunting and continuously improve detection coverage
- Build and maintain automation, enrichment pipelines, and response playbooks to improve SOC efficiency and investigation speed
- Collaborate with infrastructure, network, cloud, and platform engineering teams to ensure high-quality security telemetry and monitoring coverage
- Define and track SOC performance metrics (alert fidelity, MTTD, MTTR) and lead initiatives to improve detection quality
Requirements:
- 7–10+ years of experience in cybersecurity, security operations, detection engineering, or incident response
- Strong experience with SIEM platforms such as Splunk, Microsoft Sentinel, Elastic, or QRadar
- Hands-on experience with EDR/XDR platforms and endpoint investigation workflows
- Deep understanding of attack techniques, threat detection methodologies, and adversary tactics
- Experience developing detection rules, correlation logic, and behavioral analytics
- Strong scripting or automation skills using Python, PowerShell, or similar languages
- Solid understanding of network security, enterprise infrastructure, and cloud environments (AWS, Azure, or GCP)
- Due to U.S. export control laws and regulations, the candidate must be a U.S. citizen, permanent resident, or have asylum or refugee status in the U.S.
- Experience building or maturing a detection engineering or SOC program
- Experience with security automation and SOAR platforms
- Familiarity with threat intelligence integration and threat hunting methodologies
- Knowledge of cloud-native security monitoring and identity telemetry
- Relevant certifications such as GCIA, GCIH, GCED, CISSP, or similar
- Active security clearance