Security Architect

RESPONSIBILITIES:
Kforce has a client that is seeking a Security Architect in Ramsey, NJ.

Overview:
This role is focused on reevaluating and architecting the SOC technology stack. The role is centered on initial build-out, architecture, and design from the ground up - not long-term maintenance.

Core Responsibilities & Scope:
* Evaluate and select a new SIEM platform

Design how the SIEM integrates with:
* EDR
* SOAR
* SDR solutions

Ensure tools work together cohesively and support automation, particularly via SOAR, to:
* Detect
* Contain
* Respond to incidents more efficiently

There is already an architect per major domain area; This role complements existing leadership.

Ownership & Decision-Making Authority:
* Transition into a long-term architect/engineer
* Potentially convert to full-time if successful

Project Phases:
GIAC / GX certs
CompTIA CASP+
Security-focused professional certifications (Security+, etc.)

Ideal Experience & Background

8+ years in security engineering and/or architecture roles
Proven experience migrating from one security tool to another (SIEM/SOAR/EDR)
Experience working with or for an MSSP is a strong plus
Strong background in security tool evaluation, implementation, and optimization
Experience building or improving incident response or forensics processes/tools (big plus)
Experience writing and managing Sigma rules (not required but highly desirable)

Current Security Landscape
Their existing stack consists of:

SIEM: Google SecOps (currently considering replacements)
EDR: They like their current EDR and are likely to keep it
SOAR: Using Swimlane; also open to alternatives

This person will be primarily responsible for the project; Acts as the ultimate advisor on SIEM/SOC architecture decisions:
Phase 1: Assessment & Recommendations:
* Evaluate current tools and architecture
* Test, validate, and compare alternative solutions
* Provide recommendations that meet defined criteria

REQUIREMENTS:
* GIAC/GX certs
* CompTIA CASP+
* Security-focused professional certifications (Security+, etc.)

Ideal Experience & Background:
* 8+ years in security engineering and/or architecture roles
* Proven experience migrating from one security tool to another (SIEM/SOAR/EDR)
* Experience working with or for an MSSP is a strong plus
* Strong background in security tool evaluation, implementation, and optimization
* Experience building or improving incident response or forensics processes/tools (big plus)
* Experience writing and managing Sigma rules (not required but highly desirable)

Current Security Landscape:
Their existing stack consists of:
* SIEM: Google SecOps (currently considering replacements)
* EDR: They like their current EDR and are likely to keep it
* SOAR: Using Swimlane; Also open to alternatives

* Strong experience architecting and setting up a SIEM solution (hands-on build experience required)
* Deep familiarity with SIEM/SOC tooling ecosystems

Experience with any of the following is highly relevant:
* Elastic/ELK
* Splunk
* IBM QRadar
* Google SecOps

Ideal Candidate Indicators:
Resume highlights such as:
* Built out an ELK stack for X company
* Architected or led a SIEM migration/buildout

* Bonus skill: Sigma Rules experience (less common, usually seen in mature MSSPs)

Current Tooling & Market Context:
* Elastic and SentinelOne are the two solutions that have stood out
* SentinelOne is currently used for EDR

The SIEM product from SentinelOne is very new to the market, so:
* Expect limited real-world experience in candidate pool

* Candidates may have experience across multiple SIEM platforms, which is expected and acceptable
* Broad SIEM exposure is valued highly due to the evolving landscape
* Prior experience evaluating tooling, making architecture decisions, and leading implementation phases
* Experience migrating to or from a SIEM platform is a strong signal

The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.

We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.

Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.

This job is not eligible for bonuses, incentives or commissions.

Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.