Security Architect –W2 Only

Role: Security Architect –W2 Only

Work Location: Remote

Duration: 12 months, with possibility of extension.

Interview Process: 1 round, Virtual/Online - potential for a 2nd round onsite as needed
On-site as needed (preference for candidates able to work on-site or hybrid)

Job Description:

This position will function as a Consulting Detection Engineer within agency, focused on:

• Creating, tuning, and maintaining detection rules in the agency and monitoring platforms
• Performing detection gap analysis and developing solutions to close coverage gaps
• Promoting adoption of centralized security services across agencies
• Supporting security operations through documentation, automation, and integration work

Key Responsibilities

• Review, tune, and optimize current detection rules within the agency
• Conduct detection coverage gap analysis and implement new detection use cases
• Monitor threat intelligence sources for emerging detection opportunities
• Collaborate with SOC analysts and threat hunters to improve detection fidelity
• Develop detection rules and solutions using industry-standard methodologies
• Document processes, runbooks, and troubleshooting steps related to SOAR and integrations
• Create dashboards and reporting to measure detection effectiveness
• Coordinate with engineering teams, SOC, and agency staff to meet security goals
• Provide agency-facing support and communication to improve centralized service adoption
• Perform other duties as required

Required Skills & Experience

• Bachelors Degree in an Information Technology or Information Security related field; 8+ years of relevant work experience in security architecture may be substituted in lieu of education
• 5+ years of experience with scripting automation (Python, Bash, PowerShell, or similar)
• 5+ years of experience in supporting large IT environments and/or system deployments
• Experience with Sigma, Yara, and other industry standard detection languages
• Experience with MITRE ATT & CK Framework

Preferred Skills :

• CISSP, CISA, CISO or equivalent advanced security certifications (CEH, OSCP. GPEN)

• Experience with the Palo Alto Networks Cortex XSIAM  Platform
• Experience in multi-tenancy environments
• Experience working on enterprise or multi-agency security service projects

Education & Qualifications

• Bachelor’s degree in Information Technology, Information Security, or related field
  OR eight (8) years of relevant experience in lieu of degree
• 5+ years of hands-on experience in detection engineering, scripting, and large environment support