Principal SOC Architect

Location: Remote Region: Open to candidates located in eligible countries within the EMEA region. (Please note: not all EMEA countries are currently supported for this role)
Team: Central Core Team / SecOps

Role Overview

The Principal SOC Architect serves as a strategic technical authority within the Central Core team, operating at a layer distinct from standard product sales.

Architect vs. Product Focus: While the Consulting Systems Engineering (CSE) team drives deep, product-level technical excellence, the Principal SOC Architect focuses on the holistic design and workflow of the customer's security operations. This role is responsible for architecting the entire SOC ecosystem—integrating People, Process, and Technology to solve complex business challenges—rather than solely positioning individual tools. It acts as the bridge between technical product capabilities and high-level CISO strategies (SIEM, SOAR, Agentic SOC).

Flag the Hack Ownership: A central pillar of this position is the full ownership and evolution of "Flag the Hack" across EMEA and APAC. This premier platform serves not merely as an event, but as a strategic engine to demonstrate architectural principles in action, driving the evolution of SecOps for customers while supporting the US team to ensure global alignment.

Key Responsibilities

1. Strategic Event Ownership ("Flag the Hack" & Beyond)

• Global Program Leadership: Assumes full responsibility for building, evolving, and operating the "Flag the Hack" (FTH) program across the EMEA and APAC regions.
• Global Alignment: Supports the US team in operating FTH to ensure consistency while retaining primary ownership of the event's strategic direction and execution.
• New Event Innovation: Develops and performs new strategic event formats, such as the Cyber Defense Forum, CISO Roundtables, and Tabletop Exercises, to engage senior stakeholders.
• Training & Enablement: Collaborates with the training team to leverage and further develop "Fast Track" trainings, ensuring content remains relevant and cutting-edge.
• Joint Strategy: Works closely with the FortiGuard team to design and execute joint SecOps strategic events that integrate real-time threat intelligence.

2. Architecture & Deal Support (IT & OT)

• Holistic Architecture: Acts as the Lead SOC Architect, moving beyond product features to design comprehensive SOC ecosystems that integrate Central SIEM, Automation (SOAR), and AI capabilities.
• OT SOC Convergence: Collaborates closely with the Operational Technology (OT) team to define and design specialized OT SOC architectures. Positions SecOps solutions within industrial environments, ensuring the architecture respects the unique constraints and requirements of ICS/SCADA networks.
• Deal Acceleration: Supports Local Business Development teams in building pipelines and closing medium-to-large business opportunities by providing high-level architectural guidance.
• CSE Collaboration: Collaborates with Consulting Systems Engineers (CSE) to elevate technical product conversations into broader architectural wins, ensuring technical validation aligns with strategic design.
• Partner Development: Provides dedicated architectural support to large partners and MSSPs, assisting in the development of scalable, multi-tenant services based on the SecOps portfolio.

3. Thought Leadership, AI & Strategy

• AI & Agentic SOC Strategy: Defines and promotes the roadmap for AI integration and "Agentic SOC" concepts, assisting local teams in positioning the organization at the forefront of automated security.
• Executive Engagement (EBC): Creates and presents high-value content for the Executive Briefing Center (EBC), positioning SecOps as a platform and addressing CXO-level security challenges.
• Cross-Functional Collaboration: Drives alignment by collaborating across the organization with Product Management (PM), Product Marketing (PMM), Business Development Managers (BDM), and OT teams to ensure a unified market approach.

The SOC Philosophy: People, Technology, & Process

A core requirement of the Principal SOC Architect is to champion the three pillars of a successful SOC, ensuring proposed solutions are operationally effective, not just technically sound:

• People: Advising on the alignment of team skills, roles, and training.
• Technology: Selecting and integrating the right SecOps tools (Technology).
• Process: Defining efficient workflows and procedures for threat detection and response.

Candidate Profile & Qualifications

Technical Expertise:

• Deep Technical Background: Extensive hands-on and architectural experience with SIEM and SOAR technologies.
• AI & Automation: Strong passion for and understanding of Artificial Intelligence in cybersecurity, specifically regarding Agentic SOCs and automated threat response.
• OT/ICS Security: Knowledge of Operational Technology environments; ability to design converged IT/OT SOC architectures and understand the distinct needs of industrial security operations.
• Architecture: Ability to design complex, multi-vendor, and hybrid-cloud security architectures.

Professional Skills:

• Strategic Vision: Ability to translate technical features into business value for C-level executives (CISO/CIO).
• Presentation Skills: Exceptional public speaking ability for large forums, roundtables, and executive briefings.
• Collaboration: Proven track record of working effectively across matrixed organizations (Sales, Marketing, Product, Support).
• Travel: Willingness to travel approximately 30–50% of the time is required.

---

The Principal SOC Architect serves as a strategic technical authority within the Central Core team, operating at a layer distinct from standard product sales.