Cybersecurity Architect

ECIBoston, MA

About The Position

This role focuses on building and maintaining a robust security platform through automation, integration, and efficient deployment of security tooling. The position involves developing Python services, managing CI/CD pipelines, tuning the Elastic Stack for detection and response, and integrating various security tools. A key aspect is containerizing and deploying workloads securely using Docker and Kubernetes, along with creating comprehensive documentation and collaborating with the Cybersecurity Architect on the platform's reference architecture and detection standards.

Requirements

  • Degree in Computer Science or Cyber Security, or equivalent hands-on experience
  • 2+ years building software in a professional setting, with strong Python development (services, automation, and APIs, not only light scripting)
  • Hands-on experience with the Elastic Stack (Elasticsearch, Logstash/Beats, Kibana) for log ingestion, detection, or analytics
  • Practical CI/CD experience, including automated testing, build pipelines, and secure deployment workflows
  • Working knowledge of infrastructure-as-code (Terraform, Ansible, or Salt) and configuration management
  • Proficiency with Git/GitHub in a collaborative engineering workflow
  • Experience with REST APIs, webhooks, and integrations in automation workflows
  • Familiarity with core security concepts: logging, alerting, threat detection, and incident response
  • Working knowledge of Linux and Windows and their security implications
  • Strong problem-solving mindset and clear written and verbal communication

Nice To Haves

  • Experience automating detection and response workflows in a SIEM/XDR (Elastic preferred; Splunk or Microsoft Sentinel a plus)
  • Working knowledge of the MITRE ATT&CK framework and its use in detection engineering
  • Exposure to SOAR, MISP, or Sigma and detection-as-code practices
  • Foundational cloud security on AWS or Azure (IAM, shared responsibility model, basic compliance)
  • Exposure to container security and Kubernetes hardening
  • Interest in applying AI tooling to security automation

Responsibilities

  • Build and maintain Python automation, services, and integrations that improve detection, response, and customer experience across the security platform
  • Develop and operate CI/CD pipelines and infrastructure-as-code (Terraform, Ansible) to deploy and maintain security tooling
  • Build and tune detection and response content in the Elastic Stack: data ingestion, parsing and normalization, detection rules, and Kibana dashboards
  • Integrate security tools and data sources using REST APIs, webhooks, and SOAR playbooks
  • Containerize and deploy workloads with Docker and Kubernetes following secure-deployment practices
  • Write tests, documentation, and runbooks for the workflows and scripts you ship
  • Work alongside the Cybersecurity Architect to implement the platform’s reference architecture and detection standards
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service