Security Architect at Strivo Labs

Overview

• The Security Architect is responsible for integrating Security Operations and Security Engineering activities within the MSSP.
• The role acts as the technical and operational bridge between SOC analysts, security engineers, and clients.
• This individual is hands-on, customer-facing, and capable of engaging directly with clients on-site to design, implement, and optimize security solutions across on-prem and cloud environments.
• The role ensures that SOC operations are effective, well-engineered, and aligned with client risk profiles, service commitments, and evolving threat landscapes.

Key Responsibilities

• Engage directly with clients on-site to assess environments, design security architectures, and implement security solutions.
• Act as a trusted technical advisor during onboarding, service reviews, and security improvement initiatives.
• Translate client business and risk requirements into effective SOC and security engineering solutions.
• Support pre-sales activities, technical scoping, and solution design where required.
• Provide technical and operational leadership to SOC analysts and responders, ensuring effective monitoring, detection, and incident response.
• Guide SOC workflows, escalation processes, and incident handling procedures.
• Ensure SOC operations align with SLAs, playbooks, and industry best practices.
• Act as an escalation point for complex incidents and high-impact security events.
• Lead the design, implementation, and optimization of SOC and security platforms including SIEM, SOAR, EDR/XDR, NDR, threat intelligence, and log management solutions.
• Oversee data onboarding, integrations, and tuning across client environments.
• Ensure SOC tooling is scalable, reliable, and engineered to support efficient operations.
• Drive automation and detection engineering to improve alert quality and reduce MTTR.
• Design and support security monitoring and controls for cloud environments (AWS, Azure, GCP).
• Integrate cloud logs, identity, network, and workload telemetry into SOC platforms.
• Advise clients on secure cloud architecture and monitoring best practices.
• Bridge the gap between SOC operations and security engineering, ensuring tooling, detections, and automation support real operational needs.
• Work closely with engineers to translate analyst feedback into platform and detection improvements.
• Standardize configurations, architectures, and engineering practices across clients.
• Ensure SOC and engineering activities align with regulatory and contractual requirements (e.g., ISO 27001, SOC 2, PCI DSS).
• Support audits, assessments, and client assurance activities.
• Continuously evaluate emerging threats, technologies, and service improvements.

Requirements

• 7 – 10+ years in cybersecurity, with experience across SOC operations and security engineering.
• Experience working in an MSSP or multi-client environment.
• Demonstrated client-facing experience, including on-site implementations.
• Experience leading or guiding technical security teams.

Technical Expertise:

• Strong hands-on experience with SIEM, SOAR, EDR/XDR, and SOC tooling.
• Proven experience in security engineering and SOC operations.
• Solid knowledge of cloud architecture and cloud security (AWS, Azure, GCP).
• Experience with automation and scripting (Python, PowerShell, Bash).
• Strong understanding of threat detection frameworks (MITRE ATT&CK).

Soft Skills:

• Strong communication and stakeholder management skills.
• Ability to operate confidently in client environments.
• Hands-on, problem-solving mindset with strong leadership presence.

Nice to Have:

• Experience designing multi-tenant SOC architectures.
• Cloud and security certifications (CISSP, GIAC, Azure/AWS Security, Splunk, Sentinel).