Role: Security Architect
Location: Remote
Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed
Duration of the Contract: 12 months
Possibility for Extension: Yes
Work Location: Fully Remote
Candidate Location: No SC residency required. Open to nationwide candidates.
W2 Contract
IMPORTANT INFORMATION: This position requires the candidate to be engaged exclusively on Maxpath Technologies’ W2 payroll. Engagements via 1099 or third-party/sub-vendor or Corp-to-Corp arrangements are not accepted.
Daily Duties / Responsibilities:
PREFERENCE WILL BE GIVEN TO A CANDIDATE WHO CAN WORK ONSITE OVER HYBRID, AND OVER FULL-TIME REMOTE (ON-SITE AS NEEDED).
• Review and tune current detection rules within the State SIEM.
• Perform a gap analysis of current detection coverage.
• Develop detection rules/solutions to close the identified gaps.
• Monitor threat intelligence sources for new detection use cases.
• Work with State SOC analysts to create and tune rules.
• Work with the State Threat Hunter to identify and remediate detection coverage gaps.
• Document processes, runbooks, and troubleshooting steps related to the SOAR and integrations.
• Coordinate with engineering, SOC, and agency staff as needed to meet goals.
• Other duties as needed.
Additional skills and duties:
• Proven experience with detection tuning/development.
• Experience with dashboard creation and reporting.
Preferred Skills (rank in order of Importance):
• Experience with the Palo Alto Cortex XSIAM platform.
• Deep understanding of Windows/Linux artifacts.
• Excellent communication and customer service skills for agency-facing engagement.
• Experience working in multi-tenancy environments.
• Experience in multi-agency or enterprise service projects.
Required Education/Certifications:
• BACHELOR'S DEGREE IN AN INFORMATION TECHNOLOGY OR INFORMATION SECURITY RELATED FIELD
• EIGHT YEARS OF RELEVANT WORK EXPERIENCE MAY BE SUBSTITUTED FOR THE DEGREE
• FIVE YEARS OF EXPERIENCE IN SUPPORTING LARGE IT ENVIRONMENTS AND/OR SYSTEM DEPLOYMENTS
• 5+ years of strong scripting and automation experience (Python, Bash, PowerShell, or similar).
• Understanding of Sigma, YARA, and other industry-standard detection languages.
• Familiarity with the MITRE ATT&CK framework.
Preferred Education/Certifications:
• CISSP, CISA, CISO or equivalent advanced security certification.
• Additional relevant certifications (e.g., CEH, OSCP, GPEN).
• VENDOR CERTIFICATIONS IN DETECTION ENGINEERING.