Security Architect - Advanced Threat Response
Req. VR-118148
Join our Development Centre in Bucharest and become a member of our open-minded, progressive and professional team. In this role you will be working for one of our world-famous clients.
The Chief Security Office (CSO) of our client comprises the Chief Information Security Office (CISO) and the Corporate Security unit. The CISO organization is responsible for information security across the client.
The current initiatives are centered on enhancing cybersecurity capabilities across several critical domains: Threat Intelligence, Advanced Persistent Threats (APTs), Red Team Operations, Forensics and Malware Analysis.
These projects are designed to strengthen the organization's defense systems and enhance response strategies against complex cyber threats.
We are looking for candidates with strong engineering experience in the areas mentioned above to assist in evaluating and selecting the most effective tools. The role includes implementing the chosen solutions, migrating to different platforms and integrating them with existing systems to ensure a smooth transition and an improved security posture.
On top of an attractive salary and benefits package, Luxoft will invest in your professional training and allow you to grow your professional career.
We are looking for a Security Architect to join the Engineering organization, focused on Threat Simulation and Threat Intelligence capabilities that enable continuous, automated adversary emulation and high-fidelity detection.
You will manage onboarding, migration and integration of tools, conduct POCs to choose the best solutions, collaborate with vendors and stakeholders and enable Purple/RedTeam testing by delivering engineered platform configurations and data feeds.
Key responsibilities:
Lead onboarding and lifecycle management of new TI and adversarial-simulation tools (evaluation, procurement input, deployment, etc.)
Design, implement and validate use-case deployments for detection, hunting and simulation scenarios end-to-end
Plan and execute tool migrations (legacy to new platforms), including data migration and mapping of telemetry/events
Integrate TI tools with SIEM/Data Lake, SOAR and other repositories
Assess gaps in capabilities and recommend procurement of new adversarial/simulation or TI platforms. Produce comparative business/technical assessments
Run technical POCs (define success criteria, test plans, datasets, run experiments, analyze results, recommend optimal solution that maps to requirements)
Configure and tune platforms (playbooks, detection rules, sensors/agents, orchestration workflows) to enable automated testing and continuous validation
Integrate new Threat Intelligence feeds into detection/hunting pipelines: normalization, scoring, enrichment and suppression rules
Evaluate feature sets of tools and produce structured feature/fit assessments
Work with vendors, procurement and engineering stakeholders to negotiate deployment timelines and support escalation paths
Support Purple/Red teams by providing the infrastructure, simulated adversary capabilities and automated execution to drive continuous security validation
Build automation and engineering artifacts to deploy and maintain platforms reproducibly
Must have
5+ years of experience in security engineering, threat intelligence or adversary simulation roles. Prior responsibility for tool selection, deployment and integration would be a plus
Strong Linux administration skills (system hardening, service management, troubleshooting, network tuning, secure baseline implementation, service orchestration)
Practical Cloud management knowhow with CI/CD pipeline design and implementation experience
Strong hands-on experience integrating security tools with SIEM/Data Lake and detection/hunting pipelines
Demonstrated experience running technical POCs and producing decision-grade evaluations
Experience working with or supporting Purple/Red team activities and translating their input into detections and test automations
Excellent stakeholder management and cross-team collaboration
Nice to have
Familiarity with one or more tools from: Microsoft EASM, Anomali, Tanium, Binalyze, the GTI suite, Joe Sandbox or other similar tools
Experience with malware sandboxing, dynamic analysis and threat feed integration
Experience with MITRE ATT&CK and adversary emulation frameworks built on it (e.g. Caldera, Atomic Red Team)
Languages
English: B2 Upper Intermediate
Seniority
Senior
Bucharest, Romania
Solution/Integration Architecture
BCM Industry
10/10/2025