Security Architect (Threat Simulation and Intelligence)

Project descriptionJoin our Development Centre in Bucharest and become a member of our open-minded, progressive and professional team. In this role you will be working for one of our world-famous clients.The Chief Security Office (CSO) of our client comprises the Chief Information Security Office (CISO) and the Corporate Security unit. The CISO organization guarantees information security for our client.The current initiatives are centered on enhancing cybersecurity capabilities across several critical domains: Threat Intelligence, Advanced Persistent Threats (APTs), Red Team Operations, Forensics and Malware Analysis.These projects are designed to strengthen the organization's defense systems and enhance response strategies against complex cyber threats.We are looking for candidates with strong engineering experience in the areas mentioned above to assist in evaluating and selecting the most effective tools. The roles include implementing the chosen solutions, migrations to different platforms and integrating them with already existing systems to ensure a smooth transition and improved security posture.On top of attractive salary and benefits package, Luxoft will invest into your professional training, and allow you to grow your professional career.ResponsibilitiesLooking for a Security Architect to join the Engineering organization, focused on offensive security (red team/adversary emulation) to lead evaluation, selection and enterprise rollout of automated offensive/security testing platforms.The role focuses on product evaluation, vendor selection, enterprise rollout and engineering integration.Key responsibilities:Define requirements, evaluation criteria and success metrics for automated offensive/security testing platforms and red/purple toolingRun vendor/product evaluations, proof-of-concepts and comparative analysesArchitect integration approaches, workflows, security telemetryProduce detailed implementation plans, runbooks and operational handover artifacts. Coordinate rollout with operational teamsManage onboarding, configuration, tuning and tuning validation of toolsCollaborate with stakeholders to design scalable deployment patterns (SAAS, multi-tenant, credentials handling, high availability etc)Support purple-team exercises and adversary emulation planning by selecting and integrating appropriate tooling. Translate red-team findings into engineering controlsEnsure all the security requirements are addressed in tool selection and operationMaintain vendor relationship and roadmap alignment. Evaluate emerging tools and manage lifecycle/replacement decisionsSkillsMust have5+ years in security engineering, offensive security or security architecture with hands-on experience in evaluating and deploying security toolsStrong linux administration skills (system hardening, service management, troubleshooting, network tuning, secure baseline implementation, service orchestration)Practical Cloud management knowhow with CI/CD pipeline design and implementation experienceProven experience in running vendor evaluations, POCs and selecting security platformsSolid understanding of offensive techniques and how that map to tooling capabilities and detection needs (MITRE ATT&CK)Good grasp of cloud architecture and operational concerns for hosting security toolsExcellent stakeholder management, cross-functional coordination and technical skillsAbility to translate technical tradeoffs into business decisions and produce clear pro/cons analysisExperience integrating tool outputs into SIEMs, engineering workflows and other toolsNice to havePrior experience with SafeBreach/BloodHound/Pentera/Microsoft SEM or other similar tools would be a plus