SOC Architecture Lead

Accenture Security helps organizations prepare, protect, detect, respond, and recover across the full security lifecycle. We combine deep industry expertise, global delivery scale, and advanced technologies to help clients build resilient, intelligent, and scalable cyber defense capabilities.

• Technical expertise in SIEM and Elastic Security (ELK stack)
• Proven ability to lead complex SOC design and build engagements
• Strong delivery ownership with accountability for outcomes, timelines, and quality
• Experience influencing client stakeholders at senior and executive levels
• Ability to balance architectural rigor with practical delivery execution

You are comfortable operating at the intersection of architecture, delivery leadership, and client engagement, ensuring solutions are both technically sound and operationally sustainable.

As a SOC Architect, you will own the architecture development and build execution for SOC environments across Accenture client engagements. This role carries responsibility not just for design quality, but for ensuring SOC capabilities are scalable, sustainable and aligned to client risk priorities.

• Own end-to-end SOC architecture and delivery across client engagements—from strategy and design through build, deployment, and transition to operations
• Lead SIEM architecture and implementation, specifically leveraging Elastic Security (ELK stack)
• Define and implement:
  • Log ingestion and data pipelines
  • Detection use cases and correlation logic
  • Dashboards, alerting models, and reporting frameworks
• Drive integration of SIEM with broader security ecosystem, including:
  • XDR and EDR platforms
  • SOAR and case management systems
  • Threat intelligence platforms

• Lead delivery team (architects, engineers, analysts) across complex SOC programs
• Ensure delivery quality, timelines, and budget adherence for SIEM/SOC design and implementation milestones
• Provide hands‑on guidance and oversight on technical build activities
• Act as escalation point for technical and delivery challenges

• Serve as trusted advisor to client security leadership (CISO, VP Security, SOC leadership)
• Translate business, risk, and compliance requirements into scalable SOC solutions
• Present architecture, solution approaches, and delivery updates to senior stakeholders

• Define SOC operating models and maturity roadmaps
• Lead initiatives to improve detection, response, and SOC efficiency
• Establish standards and best practices for detection engineering and SOC operations
• Align solutions with industry frameworks and regulatory requirements

• Active Government of Canada Secret clearance
• 15+ years of experience in information/cybersecurity with focus on SOC services and detection and response capabilities
• Proven experience in Security Operations, SOC Engineering, or SOC Architecture
• Significant hands‑on experience with Elastic Security / ELK stack (SIEM, XDR, EDR)
• Experience leading end‑to‑end SOC or SIEM implementation programs
• Strong understanding of:
  • Detection engineering and use case development
  • Telemetry ingestion and data pipelines
  • SOAR platforms
  • Threat intelligence platforms
  • Case management and investigation tooling
  • SOC processes (monitoring, triage, investigation, response)
• Experience managing delivery teams and client engagements

• Experience delivering SOC solutions across multiple industries or large enterprises
• Strong executive communication and stakeholder management skills
• Experience in consulting or managed security services environments