Security Architect Lead
Security Architect Lead

Security Architect Lead

City of London Temporary 60000 - 84000 £ / year (est.) No home office possible
M

At a Glance

  • Tasks: Lead improvements in SIEM and enhance security monitoring capabilities.
  • Company: Join a national programme focused on strengthening government cyber threat responses.
  • Benefits: Enjoy hybrid work flexibility and gain valuable experience in a high-impact role.
  • Why this job: Be part of a mission-driven team enhancing national security and tackling cyber threats.
  • Qualifications: Strong Splunk experience and knowledge of SIEM engineering required.
  • Other info: Active SC clearance is necessary; contract duration is 9 months.

The predicted salary is between 60000 - 84000 £ per year.

Location: Hybrid - Remote with up to 2 days/week

Contract Duration: 9 months (192 working days)

Active SC clearance required

Role Overview

We are seeking an experienced Splunk Engineer / Security Architect to lead strategic and tactical improvements to the SIEM and associated components across a large-scale hybrid security environment. You will play a pivotal role in enhancing monitoring capabilities, driving SIEM convergence, and supporting the maturity of security operations. This role is aligned to a national programme improving the government's ability to detect and respond to cyber threats across multiple portfolios. You will work alongside the SIEM Product Owner and CSOC teams to define and deliver architectural and engineering enhancements using Splunk SaaS and related technologies.

Key Responsibilities

  • Produce and maintain architecture diagrams, high- and low-level design documentation
  • Lead configuration of Splunk and associated infrastructure (AWS EC2, S3, SQS, etc.)
  • Drive use case development aligned with CSOC and MITRE ATT&CK framework
  • Attend and represent the project at key technical forums (ADF, TDA, workshops)
  • Deliver improvements to SIEM architecture, use cases, automation, and data enrichment
  • Improve onboarding processes for directorates and manage onboarding QA
  • Lead integration of SOAR, Attack Analyzer, and other tooling into operational use
  • Standardise collection tier components using Infrastructure as Code (IaC) where possible

Essential Skills & Experience

  • Strong experience in Splunk SaaS as a lead engineer and/or architect
  • Deep understanding of SIEM Engineering & Architecture, particularly in CSOC environments
  • Demonstrated experience leading end-to-end SIEM improvement initiatives
  • Proven ability to define and implement change within complex cyber environments
  • Excellent documentation, communication, and stakeholder engagement skills
  • Solid AWS infrastructure knowledge (EC2, S3, SQS, etc.)

Desirable Skills & Experience

  • Experience with SIEM convergence from legacy platforms
  • Familiarity with tools such as JIRA, Confluence, Git
  • Background in Ethical Hacking, IDAM, PKI, or broader information security disciplines
  • A team-oriented, adaptable mindset with a problem-solving approach

Required Qualifications

  • Splunk Cloud Administrator
  • Splunk Enterprise Security
  • Splunk SOAR Administrator
  • Splunk Certified Cybersecurity Defence Analyst
  • Cloud Security Architecture (CSA)
  • Microsoft Azure Infrastructure Solutions

Desirable Certifications

  • Certified Information Systems Security Professional (CISSP)
  • Ethical Hacking & Intrusion Prevention
  • Information Security Management Systems (ISMS)
  • Identity Access & Management (IDAM)

Security Architect Lead employer: Matchtech

As a leading employer in the cybersecurity sector, we offer a dynamic work environment that fosters innovation and collaboration, particularly for our Security Architect Lead role. With a hybrid working model, employees enjoy the flexibility of remote work while also benefiting from in-person engagement up to two days a week, enhancing team cohesion. Our commitment to professional development is evident through tailored growth opportunities, and our involvement in national programmes ensures that your contributions have a meaningful impact on improving government cyber resilience.
M

Contact Detail:

Matchtech Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Security Architect Lead

✨Tip Number 1

Familiarise yourself with the latest trends and updates in Splunk and SIEM technologies. Join relevant online forums or communities where professionals discuss their experiences and share insights, as this can help you stay ahead of the curve and demonstrate your knowledge during interviews.

✨Tip Number 2

Network with current or former employees of StudySmarter or similar organisations. Reach out on LinkedIn to ask about their experiences and any tips they might have for someone looking to step into a role like the Security Architect Lead.

✨Tip Number 3

Prepare to discuss specific projects where you've successfully led SIEM improvements or architectural changes. Be ready to explain your thought process, the challenges you faced, and how you overcame them, as this will showcase your problem-solving skills and leadership experience.

✨Tip Number 4

Make sure to highlight your active SC clearance in conversations and interviews, as this is a crucial requirement for the role. Being clear about your eligibility can set you apart from other candidates who may not have this clearance.

We think you need these skills to ace Security Architect Lead

Splunk SaaS Expertise
SIEM Engineering & Architecture
Cyber Security Operations Centre (CSOC) Knowledge
End-to-End SIEM Improvement Initiatives
Architecture Diagram Production
High- and Low-Level Design Documentation
Configuration of AWS Services (EC2, S3, SQS)
Use Case Development with MITRE ATT&CK Framework
Stakeholder Engagement
Documentation Skills
Automation and Data Enrichment
Infrastructure as Code (IaC)
Integration of SOAR and Other Tooling
Problem-Solving Skills
Team Collaboration
Adaptability

Some tips for your application 🫡

Tailor Your CV: Make sure your CV highlights your experience with Splunk SaaS and SIEM engineering. Focus on specific projects where you've led improvements or enhancements, especially in a CSOC environment.

Craft a Strong Cover Letter: In your cover letter, emphasise your leadership skills and experience in driving SIEM initiatives. Mention your familiarity with AWS infrastructure and how it relates to the role.

Highlight Relevant Certifications: List your relevant certifications prominently, such as Splunk Cloud Administrator and CISSP. This will demonstrate your qualifications and commitment to the field of cybersecurity.

Showcase Communication Skills: Since excellent communication is key for this role, provide examples in your application of how you've effectively engaged with stakeholders and represented projects in technical forums.

How to prepare for a job interview at Matchtech

✨Showcase Your Splunk Expertise

Make sure to highlight your experience with Splunk SaaS during the interview. Be prepared to discuss specific projects where you've led SIEM improvements and how you utilised Splunk's features to enhance security operations.

✨Understand the MITRE ATT&CK Framework

Familiarise yourself with the MITRE ATT&CK framework, as it's crucial for developing use cases aligned with CSOC objectives. Be ready to explain how you've applied this framework in previous roles to improve threat detection and response.

✨Prepare for Technical Discussions

Since you'll be attending key technical forums, brush up on your communication skills. Be prepared to discuss architectural diagrams and design documentation clearly and concisely, demonstrating your ability to engage with stakeholders effectively.

✨Demonstrate Your AWS Knowledge

Given the role's emphasis on AWS infrastructure, ensure you can discuss your experience with services like EC2, S3, and SQS. Highlight any projects where you've integrated these services with Splunk to enhance security monitoring capabilities.

Security Architect Lead
Matchtech
M
Similar positions in other companies
UK’s top job board for Gen Z
discover-jobs-cta
Discover now
>