Lead Cyber Security Architect/Engineer

About the position As a Lead Cybersecurity Architect/Engineer, you will serve as the technical lead for our Security Operations Center and drive the maturity of our threat detection and response capabilities. This role focuses on detection engineering, threat hunting, and incident leadership across enterprise, cloud, OT, and identity environments. The ideal candidate will design and tune detection logic, improve security telemetry coverage, and guide analysts during complex investigations while partnering with infrastructure and platform engineering teams to strengthen overall security visibility. You will report directly to our Sr. Cyber Security Manager, and you'll work remotely. About Solstice Advanced Materials Solstice Advanced Materials is a leading global specialty materials company that advances science for smarter outcomes. Solstice offers high-performance solutions that enable critical industries and applications, including refrigerants, semiconductor manufacturing, data center cooling, nuclear power, protective fibers, healthcare packaging and more. Solstice is recognized for developing next-generation materials through some of the industry's most renowned brands such as Solstice®, Genetron®, Aclar®, Spectra®, Fluka™, and Hydranal™. Partnering with over 3,000 customers across more than 120 countries and territories and supported by a robust portfolio of over 5,700 patents, Solstice’s approximately 4,000 employees worldwide drive innovation in materials science. For more information, visit Advanced Materials [ Responsibilities • Act as the technical lead and escalation point for the SOC, guiding analysts during complex investigations and major incidents. • Design, implement, and tune threat detections across SIEM, EDR/XDR, and other security telemetry platforms. • Lead and coordinate incident response activities, including investigation, containment, eradication, and recovery. • Develop detection engineering practices aligned with adversary behaviors and frameworks such as MITRE ATT&CK. • Conduct proactive threat hunting and continuously improve detection coverage. • Build and maintain automation, enrichment pipelines, and response playbooks to improve SOC efficiency and investigation speed. • Collaborate with infrastructure, network, cloud, and platform engineering teams to ensure high-quality security telemetry and monitoring coverage. • Define and track SOC performance metrics (alert fidelity, MTTD, MTTR) and lead initiatives to improve detection quality.