• Lead analysis of current SOC environment to identify critical deficiencies, legacy and technical debt, and recommend solutions for improvement. • Develop the technical architecture for monitoring, detecting, and responding to security incidents, including log streaming platforms, SIEM systems, and automated response capabilities. • Evaluate, select, and design integration of security tools such as SIEM systems, data pipeline tools, threat intelligence platforms, incident response tools, SOAR platforms, and forensic tools. • Design the implementation of automation workflows using SOAR tools to improve incident response and threat detection. • Define logging and monitoring standards for applications, infrastructure, and endpoints. • Ensure the SOC infrastructure is scalable, redundant, and able to handle growing volumes of data and alerts. • Create architectural diagrams, strategies, and standard operating procedures. • Guide SOC team members on best practices in architecture, automation, and operations. • Collaborate with partners to align security strategy with organizational goals and compliance requirements. • Conduct research to stay current on the latest security landscape capabilities and determine business and technical value for potential roadmap injection. • Collaborate with external partners and vendors to enhance cybersecurity capabilities and integrate third-party security solutions. • Oversee security testing strategy, including vulnerability scanning and penetration testing. • Lead regular threat analysis. • Ensure compliance with applicable laws and regulations. • Establish, promote, and enforce best practices for cybersecurity.