Senior Security Architect II

We are looking for a senior-level security architect who can help modernise our detection-and-response stack by embedding automation, advanced analytics, and Generative AI. You will design end-to-end architecture, spanning data pipelines, correlation engines, SOAR playbooks, LLM-powered assistants, and autonomous agents to cut analyst toil, accelerate mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR), and raise overall cyber-resilience. 

What you'll do

Strategy & Architecture

• Own the technical roadmap for AI-powered detection & response across SIEM, XDR, etc.
• Map requirements to frameworks such as MITRE ATT&CK / D3FEND, NIST, CIS controls and ISO27001

Detection Engineering

• Research, prioritise, and prototype new detections that can be automated at scale, turning complex security data into high-fidelity signals.

Automation & Orchestration

• Design playbooks and agent workflows that auto-triage, contain, and remediate validated threats.

Generative AI & ML

• Build and tune LLM-based assistants (prompt/chain engineering, RAG, vector search) to summarise alerts, enrich context, and recommend response actions

Data & Telemetry

•  Architect scalable pipelines to ingest, transform, and store multi-petabyte security telemetry for real-time analytics

Threat Hunting & Incident Response

• Partner with SOC to codify hunts, deploy behaviour analytics, and oversee major incidents, acting as Tier-3 escalation

Governance & Risk

• Ensure AI/automation solutions meet legal, privacy, and audit requirements; define human-in-the-loop guardrails and policy enforcement

Evangelism & Mentorship

• Champion a culture of automation; coach engineers and analysts on secure coding, ML safety, and threat-informed defence

What you’ll need 

• 10+ years in cybersecurity with 5+ years focused on detection engineering, incident response, or SOC automation in large-scale environments.
  
  
• Deep understanding of attacker TTPs, network & endpoint telemetry, and log analytics
  
  
• Proven experience architecting SOAR or XDR solutions and shipping production-grade automations in Python, Go, or similar.
  
  
• Hands-on with cloud platforms (AWS or Azure or GCP) security services
  
  
• Strong ML/AI expertise, data science workflow, vector DBs, model fine-tuning; familiarity with GenAI ecosystem (OpenAI, Gemini, Llama, etc.).
  
  
• Ability to translate business risk into technical requirements and influence senior stakeholders.
  
  
• Excellent communication and mentorship skills

Nice-to-Have

• Experience deploying agent-based GenAI frameworks that autonomously execute detection–investigation–response loops
  
  
• Certifications: CISSP, GIAC (GXPN, GDAT, GCTI), GCPN, or OCSP.
  
  
• Familiarity with Infrastructure-as-Code (Terraform, CDK) and DevSecOps pipelines.
  
  
• Background in regulatory environments (PCI-DSS, GDPR, HIPAA, UAE NESA, etc.).