Cybersecurity Threat/SOC Architect

About The Position

Requirements

• Expert‑level knowledge of SIEM/SOAR platforms (e.g., Splunk, PaloAlto XSOAR, Sentinel, QRadar).
• Strong experience with EDR/XDR(CrowdStrike), NDR (PaloAlto), cloud security (AWS/Azure), identity threat detection, and network telemetry.
• Deep understanding of attacker tradecraft, MITRE ATT&CK, detection engineering, threat hunting, and incident response.
• Hands‑on experience with scripting/automation (Python, PowerShell, API integrations).
• Familiarity with containerized environments, cloud-native logging, and data platforms.
• Understanding of OT/IIoT environments and associated detection challenges is a plus.
• Understanding of all architectural components and their interrelationships
• Solid presentation and written communication skills
• Good judgment and the ability to handle stressful situations
• Team lead experience in application development
• Knowledge and experience of one or more languages e.g. Java, C#, etc.
• Knowledge and experience with server-side technologies
• Knowledge and experience with client-side technologies e.g. Node, Angular
• Knowledge of cloud technologies
• Ability to define problems, collect data, establish facts, and draw valid conclusions
• Bachelor’s degree required
• Post-graduate degree in Computer Science or Management Information Systems expected
• Minimum 12 years of experience in a related discipline
• Or, equivalent combination of education, training, or experience

Nice To Haves

• Preferred Certifications: Certified Information Systems Security Professional (CISSP)
• GIAC Cyber Threat Intelligence (GCTI)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Detection Analyst (GCDA)
• GIAC Certified Enterprise Defender (GCED)
• Offensive Security Certified Professional (OSCP)
• Offensive Security Certified Expert (OSCE)
• Certified Cloud Security Professional (CCSP)
• Certified Web Application Defender (GWEB)
• Certified Cloud Penetration Tester (GCPN)
• Open CA Level 1: Certified TOGAF 9 Foundation
• ArchiMate 3 Foundation

Responsibilities

• Architecture & Strategy Develop and maintain the enterprise SOC and Threat Detection architecture, including SIEM, SOAR, UEBA, XDR, log management, threat intel, and endpoint detection technologies.
• Define the multi‑year roadmap for SOC modernization, including platform migrations (e.g., SIEM consolidation, Splunk cloud/on‑prem, data lake integrations).
• Architect scalable ingestion pipelines, correlation logic, and detection engineering frameworks.
• Design and enforce standards for log source onboarding, data quality, enrichment, and retention.
• Threat Detection & Engineering Lead creation of advanced detection content, playbooks, response workflows, and automated pipelines.
• Build and enable AI/ML‑driven threat detection (e.g., behavioral analytics, agentic AI protection, anomaly detection, LLM‑assisted alert triage).
• Partner with Incident Response and Threat Intelligence teams to operationalize intelligence‑driven use cases and attack simulations.
• SOC Operations Enablement Serve as a technical advisor to SOC management on improving visibility, detection coverage, and operational efficiency.
• Provide architectural guidance for Tier 1/Tier 2 SOC workflows, escalations, and integration of managed SOC providers.
• Drive automation initiatives to reduce manual alert handling and improve response times.
• Establish KPIs, detection efficacy metrics, and reporting models.
• Platform Ownership & Integrations Provide subject matter expertise for SIEM, SOAR, EDR, NDR, cloud logging, OT/IIoT telemetry, and identity threat detection.
• Oversee integration of security tools: firewalls, identity platforms, cloud workloads, data protection tools, OT environments, etc.
• Partner with engineering teams on platform deployments, upgrades, and new technology evaluations.
• Ensure architecture aligns with enterprise compliance, audit requirements, and Zero‑Trust standards.
• Collaboration & Leadership Strong communication and leadership presence with ability to influence engineering, IT, and executive stakeholders.
• Ability to simplify and communicate complex detection architectures.
• Collaborative mindset with a focus on continuous improvement and operational excellence.
• Work with cross‑functional architecture teams (Network, Cloud, AI, AppSec, OT/Device) to embed SOC visibility and threat detection requirements into designs.
• Provide expert consultation on major programs (remote access security, segmentation, cloud security, manufacturing/OT security).
• Mentor detection engineers and SOC analysts; provide architectural support during major incidents.
• Communicate SOC strategy, capabilities, and risks to leadership and technical audiences.
• IT Architect Know and understand Jabil business strategy Know and understand Jabil IT strategy & objectives Define the overall solution architecture consistent with Jabil’s methodology Be responsible for the technical solution by providing leadership for the customer, project manager, domain architects, domain specialists and application engineers to advance and deliver solutions Consult and Inform Enterprise Architects and Senior IT Architects to design and deliver solutions Earn trust of clients and management Assess merits of alternative technical approaches and gain consensus for best approach Learn, follow, promote, and improve recognized methodologies to design and deliver solutions Ensure that the non-functional requirements are satisfied including, but not limited to, security, disaster recovery, availability, and performance Researches technology and industry trends to hone both personal and Jabil’s competitive edge Through modeling or prototyping, validate solution prior to full implementation Develop expertise in one of the following disciplines: Enterprise Architecture, Business Architecture, Information Architecture, Application Architecture, Technology Infrastructure Architecture Mentor IT professionals Standards management Be responsible for the management of incident response and logging security standards and promote their use and enhancement with new or existing solutions Provide architectural and design guidance, analysis, and direction, for enterprise-wide key projects and strategic initiatives as it relates to the information security and privacy. Find common ground and gain cooperation when conflicts arise and provide process improvements. Management Practices Develop project plans and influence project organization Apply recognized system sizing methodology Vet change(s) with respect to scope, schedule, cost, risk, etc. Cross train staff to reduce delivery risk Define processes & methods necessary to support delivery/deployment Define management tools to support production environment Policy & Procedures Comply with IT policy, procedure, and process Adhere to all safety and health rules and regulations associated with this position and as directed by supervisor Comply and follow all procedures within the company security policy Training & Development Define technical job content & qualifications of key roles required to support technical infrastructure Work closely with management to assess and aid the development of staff skill sets Assist management to assess and help resolve staffing knowledge gaps Communication Publish and present to customers, IT leaders and business executives Engage with vendors and third parties as needed Organize verbal and written ideas clearly and use an appropriate business style Ask questions; encourage input from staff Develop peer relationships with Senior IT Architects

Benefits

• As part of the total rewards package, this position is eligible for a short-term incentive based on performance.
• In addition, Jabil offers benefits to enhance your health, wealth, and resilient self. These include medical, dental, and vision insurance plans; paid time off accruing at a rate of 3.07 hours during your first year of employment; 4 weeks of paid parental leave; in 2026, 11 company-paid holidays (9 fixed holidays and 2 optional floating holidays), subject to change yearly; 401(k) retirement plan; and employee stock purchase plan.