• Develop and execute an enterprise-wide technology strategy that supports organizational growth, operational efficiency, and long-term scalability. • Provide executive guidance on technology investments, modernization priorities, and digital transformation initiatives. • Establish enterprise standards for system architecture, resilience, performance, and service continuity. • Ensure technology programs are aligned with business needs, compliance obligations, and strategic objectives. • Lead technology integrations for new lines of business as they are added. • Identify data security, identity consolidation and systems rationale across multiple environments. • Lead enterprise system implementations, including CRM, ERP/finance, CLM, member platforms, and program management systems. • Direct system design, configuration, workflow mapping, and cross-functional adoption. • Oversee integration strategy using APIs, middleware, automation frameworks, and MDM principles to maintain a single source of truth. • Govern change management, system sustainability, documentation, and operational performance across all major platforms. • Build and maintain secure and scalable data environments, including an enterprise data lake, data warehouses, and reporting ecosystems. • Define and enforce data governance standards covering taxonomy, metadata, lineage, retention, and quality. • Ensure data architecture supports analytics, forecasting, reporting, and emerging AI-enabled capabilities. • Strengthen data visibility, consistency, and reliability across business functions. • Lead the company’s cybersecurity program, including policy development, identity and access controls, vulnerability management, and continuous monitoring. • Ensure compliance with federal frameworks, including NIST 800-171, CUI handling, DFARS requirements, CMMC readiness, and FedRAMP-aligned controls. • Develop systems and processes to manage Classified Data as required. • Own technology and cybersecurity risk management in alignment with federal and contractual requirements. • Oversee incident response, audit preparation, third-party security evaluations, and remediation planning. • Serve as the primary liaison with auditors, compliance consultants, and government technology representatives. • Lead all IT operations, including service delivery, helpdesk support, cloud environments, on-premise infrastructure, network administration, and device management. • Implement ITIL-aligned processes for change control, ticket management, escalation, and operational workflow management. • Ensure reliable uptime, strong SLAs, and frictionless employee access to technology services. • Maintain business continuity, disaster recovery readiness, and long-term infrastructure modernization plans. • Manage relationships with technology vendors, SaaS providers, MSPs, and system integrators. • Oversee contract evaluation, renewal strategy, licensing optimization, and cost management. • Establish a framework for build-versus-buy decisions and long-term platform lifecycle management. • Ensure vendor solutions meet performance, compliance, and security requirements. • Assess talent and identify gaps, Build, mentor, and lead high-performing teams across IT operations, security, data architecture, systems administration, and enterprise applications. • Promote a culture of accountability, transparency, documentation, and continuous improvement. • Strengthen cross-functional engagement and drive organization-wide adoption of technology and security practices. • Provide coaching, development, and clear expectations to ensure operational excellence and professional growth.

• Research and analyze emerging technologies and design and build architectures and solutions to enable secure implementation of new technologies. • Administers security infrastructure. • Conducts active threat detection and analysis, creates threat intelligence, and maintains threat profiles. • Assists in the development and implementation of security policies, procedures, and protective measures. • Performs vulnerability assessments, security testing, and works with operations and development teams on remediation and mitigation of findings. • Educates users about security policies and consults on security issues.

• Work closely with client executives and management teams to understand their businesses and assist in identifying and managing financial and operational risks within their business systems to ensure technology risks are managed: • Develop in-depth knowledge of clients’ businesses and industries by having direct client interaction while working on multiple aspects of an engagement • Think independently and strategically about your clients’ business, systems and risks providing recommendations for business and process improvements based upon knowledge gained relative to the client’s operations, processes and business objectives • Provide strategic business assurance to clients by assisting in the implementation of new processes and controls that address key risks • Assess, manage and optimize information technology risk across a wide range of areas, including cybersecurity, IT strategy and governance, IT regulatory and compliance requirements, and business continuity • Review clients' processes and controls against industry frameworks, identifying gaps in design and execution, and communicating issues and recommendations to clients • Assist in the development of audit programs and the execution of internal audits and IT control assessments in the areas of: • IT strategy and governance • IT operations, business continuity and disaster recovery • Cybersecurity • Third party risk • ITGC and application controls • SOC reporting • Regulatory and compliance requirements • Assist in drafting comprehensive executive summaries and final reports for delivery to the client, documenting and reviewing engagement work papers in accordance with industry-accepted internal audit methodologies • Act as a valued business advisor, build relationships and communicate effectively with the client to provide superior client service • Facilitate professional and effective presentations to internal and external audiences • Continue to develop your knowledge and experience working with a variety of technology environments, platforms, applications and tools/utilities • Demonstrate the desire to continually grow, learn and develop skills and knowledge through external and internal education, training and cross-training opportunities to maximize personal contribution to the organizational goals and ongoing career development • Utilize your entrepreneurial skills to network and build strong relationships internally and externally with clients • Support the growth and development of team members through the Baker Tilly Care and Teach philosophy, helping associates meet their professional goals • Enjoy friendships, social activities and team outings that encourage a work-life balance

Role Description ProArch IT Solutions is seeking a highly motivated and technically skilled Security / SOAR Automation Engineer to join our global cybersecurity operations team supporting a fast-paced Managed Security Services Provider (MSSP) environment. The ideal candidate will possess strong hands-on experience in cybersecurity automation, SOAR platform engineering, SOC workflow orchestration, and security integrations across modern security ecosystems. This role is heavily focused on designing, implementing, optimizing, and scaling SOC automation capabilities to improve operational efficiency, incident response, alert enrichment, triage automation, threat intelligence utilization, and AI-driven security operations enhancements. The Engineer will work closely with SOC Operations, Security Engineering, Security Consulting, and Leadership teams to deliver automation initiatives and operational improvements while supporting a globally distributed security environment. This is a permanently remote opportunity for candidates based in India, aligned primarily to USA Eastern Time (ET) business hours, with flexibility depending on operational requirements. Key Responsibilities - SOAR Engineering & Automation - Design, develop, implement, and maintain SOAR playbooks and automation workflows for SOC operations. - Build scalable security orchestration workflows for: - Alert triage - Automated enrichment - Threat intelligence correlation - Incident response - Containment workflows - Identity-based investigations - Case management - Reporting automation - Implement and maintain integrations between SOAR platforms and various security technologies using APIs, webhooks, SDKs, and custom connectors. - Develop automation logic to improve SOC efficiency, reduce analyst fatigue, and accelerate Mean Time to Respond (MTTR) and Mean Time to Resolve. - Support SOAR platform lifecycle management including upgrades, change management, testing, governance, RBAC, and operational maintenance. - Assist with SOAR platform administration, identity & access management, and environment hardening. - Security Platform Integrations - Hands-on experience integrating and automating workflows involving: - Microsoft Defender for Endpoint (MDE) - Microsoft Defender XDR - Microsoft Defender for Identity (MDI) - Microsoft Defender for Office 365 (MDO) - Microsoft Defender for Cloud Apps (MDCA) - Microsoft Purview - Microsoft Identity Protection / Entra ID - CrowdStrike Falcon - Threat Intelligence platforms - (Must have) SIEM platforms (Microsoft Sentinel & Defender XDR) - Graph API - Ticketing platforms (Datto Autotask preferred) - Email security solutions - Endpoint detection & response platforms - Identity and authentication platforms - Cloud security solutions - SOC Operations Enhancement - Work collaboratively with SOC Managers, SOC Team Leads, Analysts, and Security Consultants to identify automation opportunities. - Create operational enhancements to improve detection engineering, investigation workflows, escalation efficiency, and reporting. - Assist with scaling SOC operations using automation and AI-driven initiatives. - Support operational maturity improvements within the SOC environment. - Participate in incident response automation strategy discussions and implementation planning. - Contribute to SOC transformation initiatives focused on operational scalability and service optimization. - AI & Advanced Security Operations - Contribute to AI-enabled SOC initiatives and intelligent automation projects. - Assist in implementing AI orchestration and automation use cases within security operations. - Research and evaluate emerging AI and automation technologies relevant to cybersecurity operations. - Support initiatives focused on autonomous investigation workflows, enrichment intelligence, and analyst assistance capabilities. - Collaboration & Project Coordination - Coordinate automation initiatives with internal stakeholders and external vendors. - Work closely with SOAR vendors for implementation support, troubleshooting, optimization, and feature enablement. - Participate in project planning, implementation tracking, testing, and deployment activities. - Maintain technical documentation, workflow diagrams, integration references, and operational runbooks. - Support cross-functional cybersecurity projects and operational improvements. Qualifications - Bachelor’s Degree / Graduation in Computer Science, Information Technology, Cybersecurity, Engineering, or a related technical field is mandatory. - Relevant cybersecurity certifications and automation-focused certifications will be considered an added advantage. - 3–5 years of overall cybersecurity experience. - Proven hands-on experience with SOAR platforms in enterprise or MSSP environments. - Strong experience designing and implementing automation workflows from scratch. - Experience supporting Security Operations Center (SOC) environments. - Prior SOC Analyst experience is highly preferred. - Experience working within Managed Security Services Provider (MSSP) environments preferred. - Experience supporting or collaborating with US-based teams/vendors preferred. Technical Skills - Strong hands-on experience with SOAR technologies. - Experience with Torq SOAR preferred. - Strong understanding of: - Incident response workflows - SOC operations - Detection engineering - Security orchestration - Threat intelligence - API integrations - Authentication mechanisms - Identity-based security workflows - Experience integrating security tools using: - REST APIs - JSON - Webhooks - Python - PowerShell - Scripting/automation frameworks - Familiarity with SIEM platforms and alert correlation logic. - Experience with ticketing systems, preferably Datto Autotask. - Understanding endpoints, cloud, identity, and email security ecosystems. Preferred Qualifications - Experience implementing AI-driven SOC workflows. - Exposure to AI orchestration in cybersecurity operations. - Knowledge of security operations metrics and optimization strategies. - Experience with security automation governance and change management. - Exposure to cloud security platforms and SaaS security controls. - Familiarity with DevSecOps or infrastructure automation concepts. - Relevant cybersecurity certifications are advantageous like Security+, CySA+, GCIH, SC-200, AZ-500, SOAR platform certifications, Splunk / Microsoft certifications. Soft Skills & Work Style - Strong verbal and written communication skills with the ability to work effectively across technical and non-technical teams. - Excellent collaboration and stakeholder coordination skills across SOC Operations, Engineering, Consulting, Vendors, and Leadership teams. - Strong documentation and technical writing capabilities for workflows, SOPs, and operational procedures. - Ability to work independently in a remote-first, multicultural, and fast-paced MSSP environment. - Self-driven, proactive, and highly organized with strong ownership and accountability. - Strong analytical, troubleshooting, and problem-solving skills. - Comfortable managing multiple projects, priorities, and operational initiatives simultaneously. - Team-oriented mindset with the ability to operate effectively as an individual contributor. - Professional communication and coordination skills for working with US-based teams and vendors. - Adaptable and flexible to evolving operational and business requirements. Work Schedule & Environment - Primary alignment with USA Eastern Time (ET) business hours. - Permanently remote working opportunity within India. - Flexible working model based on operational requirements and project demands. - Fast-paced MSSP and cybersecurity operations environment. What Success Looks Like in This Role - Successful deployment and optimization of SOC automation workflows. - Measurable reduction in manual SOC effort and alert fatigue. - Improved operational efficiency and response timelines. - Reliable integration and orchestration across security ecosystems. - Contribution toward scalable, AI-enabled cybersecurity operations. - Strong collaboration with SOC leadership, analysts, engineering, and consulting teams. - Continuous innovation and operational enhancement within the security operations function.