Splunk Architect

Join one of the biggest IT Services companies in the world Here you can transform your career Why join TCS? Here at TCS we believe that people make the difference, that's why we live a culture of unlimited learning full of opportunities for improvement and mutual development. The ideal scenario to expand ideas through the right tools, contributing to our success in a collaborative environment. We are looking for a SOAR Architect, who wants to learn and transform their career, in a CLT contract in Brazil. We are seeking a highly skilled SOAR Architect to lead the design, assessment, and implementation of Security Orchestration, Automation, and Response (SOAR) solutions. This role will focus on Splunk SOAR assessments, development of custom playbooks, and delivering Automated Managed Services (AMS) capabilities that enable efficient, automated, and scalable incident response. The Architect will collaborate with SOC, Incident Response, and Threat Intelligence teams to mature automation capabilities and reduce response times for security events. In this role you will: • SOAR Architecture & AMS Enablement • Lead the architecture, design, and deployment of SOAR platforms with a focus on AMS delivery models. • Define standards, guidelines, and frameworks for automation and orchestration workflows. • Align SOAR platform capabilities with enterprise SOC and threat response strategy. • Splunk Assessment • Conduct Splunk SOAR assessments to evaluate current-state maturity, integrations, and gaps. • Provide recommendations for improvements in log ingestion, correlation, automation, and use case coverage. • Partner with Splunk engineers to enhance SOC visibility and response automation. • Playbook Development • Design, build, and optimize custom SOAR playbooks for threat enrichment, triage, phishing, malware, insider threat, and compliance workflows. • Ensure playbooks follow industry best practices and are resilient, scalable, and maintainable. • Continuously update and refine playbooks to keep pace with evolving threats. • Collaboration & Stakeholder Engagement • Work with SOC analysts, IR teams, and threat hunters to identify automation opportunities. • Conduct knowledge transfer and training sessions for SOC teams on playbook usage. • Prepare executive-level reports on automation efficiency, incident response time reduction, and vulnerability management improvements. • Platform Governance & Maintenance • Ensure integration with SIEM (Splunk Enterprise Security) and third-party tools (EDR, Threat Intel, IAM, Firewalls, etc.). • Maintain documentation of architecture, integrations, and playbook workflows. • Oversee life-cycle management, scalability, and compliance for SOAR implementations. Qualifications: • Bachelor's or Master's degree in Cybersecurity, Computer Science, or related field. • 7+ years of cybersecurity experience, with at least 3+ years in SOAR engineering or architecture. • Hands-on expertise with Splunk SOAR (Phantom) and Splunk Enterprise Security (ES). • Strong experience in building and optimizing SOAR playbooks and integrations. • Proficiency in scripting languages (Python, PowerShell, Bash, JavaScript) for automation. • Deep understanding of SIEM, SOAR, SOC operations, IR workflows, and Threat Intelligence. • Experience with API integrations for security tools (EDR, SIEM, IAM, Firewalls, Cloud Security). Nice to have: • Splunk SOAR Certified Administrator / Consultant • Splunk Certified Architect • CISSP, CISM, or equivalent security certification • SANS/GIAC certifications (e.g., GCIH, GCIA, GCTI, GCDA) >>> What do we offer? TCS Benefits in Brazil: ● Health insurance ● Dental Plan ● Life insurance ● Transportation vouchers ● Meal/Food Voucher ● Childcare assistance ● Gympass ● TCS Cares – free 0800 that provides psychological assistance (24 hrs/day), legal, social and financial assistance to associates ● Partnership with SESC ● Reimbursement of Certifications ● Free TCS Learning Portal – Online courses and live training ● International experience opportunity ● Discount Partnership with Universities and Language Schools ● Bring Your Buddy – By referring people you become eligible to receive a bonus for each hire ● TCS Gems – Recognition for performance ● Xcelerate – Free Mentoring Career Platform At TATA Consultancy Services we promote an inclusive culture, we always work for equity. This applies to Gender, People with Disabilities, LGBTQIA+, Religion, Race, Ethnicity. All our opportunities are based on these principles. We think of different actions of inclusion and social responsibility to build a TCS that respects each person. Our motto is "Inclusion without exception". Join us and become a TCSer #Buildingonbelief