At a Glance
- Tasks: Lead improvements in SIEM and enhance security monitoring capabilities.
- Company: Join a national programme focused on strengthening government cyber threat responses.
- Benefits: Enjoy hybrid work flexibility and the chance to impact national security.
- Why this job: Be part of a dynamic team driving innovation in cybersecurity with real-world impact.
- Qualifications: Strong Splunk experience and knowledge of AWS infrastructure required.
- Other info: Active SC clearance is essential for this role.
The predicted salary is between £48,000 and £72,000 per year.
We are seeking an experienced Splunk Engineer / Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You'll play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting the maturity of security operations. This role is aligned to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You'll work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies.
Key Responsibilities
- Produce and maintain architecture diagrams, high- and low-level design documentation
- Lead configuration of Splunk and associated infrastructure (AWS EC2, S3, SQS, etc.)
- Drive use case development aligned with CSOC and MITRE ATT&CK framework
- Attend and represent the project at key technical forums (ADF, TDA, workshops)
- Deliver improvements to SIEM architecture, use cases, automation, and data enrichment
- Improve onboarding processes for directorates and manage onboarding QA
- Lead integration of SOAR, Attack Analyzer, and other tooling into operational use
- Standardise collection tier components using Infrastructure as Code (IaC) where possible
Essential Skills & Experience
- Strong experience in Splunk SaaS as a lead engineer and/or architect
- Deep understanding of SIEM Engineering & Architecture, particularly in CSOC environments
- Demonstrated experience leading end-to-end SIEM improvement initiatives
- Proven ability to define and implement change within complex cyber environments
- Excellent documentation, communication, and stakeholder engagement skills
- Solid AWS infrastructure knowledge (EC2, S3, SQS, etc.)
Desirable Skills & Experience
- Experience with SIEM convergence from legacy platforms
- Familiarity with tools such as JIRA, Confluence, Git
- Background in Ethical Hacking, IDAM, PKI, or broader information security disciplines
- A team-oriented, adaptable mindset with a problem-solving approach
Required Qualifications
- Splunk Cloud Administrator
- Splunk Enterprise Security
- Splunk SOAR Administrator
- Splunk Certified Cybersecurity Defence Analyst
- Cloud Security Architecture (CSA)
- Microsoft Azure Infrastructure Solutions
Desirable Certifications
- Certified Information Systems Security Professional (CISSP)
- Ethical Hacking & Intrusion Prevention
- Information Security Management Systems (ISMS)
- Identity Access & Management (IDAM)
Employer: Matchtech
Contact Detail:
Matchtech Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Security Architect Lead role
✨Tip Number 1
Familiarise yourself with the latest trends and updates in Splunk and SIEM technologies. This will not only help you during interviews but also demonstrate your commitment to staying current in a rapidly evolving field.
✨Tip Number 2
Network with professionals in the cybersecurity and Splunk communities. Attend relevant webinars, workshops, or meetups to connect with others in the field, which could lead to valuable insights and potential referrals.
✨Tip Number 3
Prepare to discuss specific projects where you've led SIEM improvements or architectural changes. Be ready to share measurable outcomes and how your contributions made a difference in previous roles.
✨Tip Number 4
Showcase your soft skills, particularly in communication and stakeholder engagement. Being able to articulate complex technical concepts to non-technical stakeholders is crucial for this role, so practice explaining your past experiences in simple terms.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with Splunk SaaS and SIEM engineering. Use specific examples that demonstrate your ability to lead improvements in security operations and architecture.
Craft a Compelling Cover Letter: In your cover letter, explain why you are the perfect fit for the role. Mention your experience with AWS infrastructure and your understanding of CSOC environments. Be sure to connect your skills to the key responsibilities outlined in the job description.
Highlight Relevant Certifications: List your relevant certifications prominently, such as Splunk Cloud Administrator and CISSP. This will show your commitment to professional development and expertise in the field.
Showcase Communication Skills: Since excellent communication and stakeholder engagement skills are essential for this role, provide examples in your application that demonstrate your ability to effectively communicate complex technical concepts to various audiences.
How to prepare for a job interview at Matchtech
✨Showcase Your Splunk Expertise
Make sure to highlight your experience with Splunk SaaS during the interview. Be prepared to discuss specific projects where you've led SIEM improvements and how you utilised Splunk's features to enhance security operations.
✨Demonstrate Your Understanding of SIEM Architecture
Familiarise yourself with the key components of SIEM architecture, especially in a CSOC environment. Be ready to explain how you've contributed to architectural enhancements and the impact of those changes on security monitoring capabilities.
✨Prepare for Technical Discussions
Since you'll be attending technical forums, brush up on relevant topics such as AWS infrastructure and the MITRE ATT&CK framework. Prepare to discuss how these elements integrate into your work and how they can improve the overall security posture.
✨Emphasise Communication Skills
Strong communication and stakeholder engagement skills are essential for this role. Think of examples where you've successfully collaborated with teams or presented complex information clearly to non-technical stakeholders.