Security Architect

We are seeking an experienced Security Architect to lead the design, deployment, and optimization of Palo Alto Cortex XDR across enterprise environments. The role requires deep expertise in SIEM and SOAR Platform, strong exposure to security automation, and hands-on experience integrating with SIEM platforms for centralized monitoring and incident response.

The architect will drive advanced threat detection, automated response use cases, and SOC modernization initiatives while aligning security operations with best practices and zero-trust principles.

Key Responsibilities

XDR Architecture & Strategy

  • Design and own the Cortex XDR architecture across endpoints, servers, and cloud workloads
  • Define XDR onboarding strategy for endpoints, network, and cloud telemetry
  • Establish detection, prevention, and response standards aligned with MITRE ATT&CK
  • Lead XDR roadmap, capacity planning, and platform optimization
  • Cortex XDR Implementation & Operations
  • Architect and deploy Palo Alto Cortex XDR:
  • Endpoint protection, behavioral analytics, and threat prevention
  • Incident correlation and root cause analysis
  • Tune detection policies, alert thresholds, and prevention profiles
  • Oversee agent deployment, upgrades, and performance optimization Automation & SOAR
  • Design and implement security automation and response workflows
  • Integrate Cortex XDR with SOAR platforms (Cortex XSOAR preferred)

Develop automated playbooks for:

  • Alert triage and enrichment
  • Containment and remediation (endpoint isolation, user disablement, IOC blocking)
  • Leverage APIs, scripting, and integrations to reduce manual SOC effort SIEM Integration & Monitoring
  • Integrate Cortex XDR with SIEM platforms (Splunk, Sentinel, QRadar, etc.)
  • Design log ingestion, normalization, and correlation use cases
  • Build dashboards and alerts for SOC visibility and executive reporting
  • Optimize signal-to-noise ratio across SIEM and XDR platforms
  • Threat Detection & Incident Response
  • Define and validate advanced detection use cases
  • Lead threat hunting initiatives using XDR and SIEM telemetry
  • Support incident response investigations and post-incident reviews
  • Continuously improve detections based on emerging threats
Apply Now
Apply Now

Job Details

Company
Response Informatics
Location
City of London, London, United Kingdom
Posted