About the position
As a Lead Cybersecurity Architect/Engineer, you will serve as the technical lead
for our Security Operations Center and drive the maturity of our threat
detection and response capabilities. This role focuses on detection engineering,
threat hunting, and incident leadership across enterprise, cloud, OT, and
identity environments. The ideal candidate will design and tune detection logic,
improve security telemetry coverage, and guide analysts during complex
investigations while partnering with infrastructure and platform engineering
teams to strengthen overall security visibility. You will report directly to our
Sr. Cyber Security Manager and will work remotely.
About Solstice Advanced Materials
Solstice Advanced Materials is a leading global specialty materials company that
advances science for smarter outcomes. Solstice offers high-performance
solutions that enable critical industries and applications, including
refrigerants, semiconductor manufacturing, data center cooling, nuclear power,
protective fibers, healthcare packaging and more. Solstice is recognized for
developing next-generation materials through some of the industry's most
renowned brands such as Solstice®, Genetron®, Aclar®, Spectra®, Fluka™, and
Hydranal™. Partnering with over 3,000 customers across more than 120 countries
and territories and supported by a robust portfolio of over 5,700 patents,
Solstice’s approximately 4,000 employees worldwide drive innovation in materials
science. For more information, visit Advanced Materials
[https://advancedmaterials.honeywell.com/us/en].
Responsibilities
• Act as the technical lead and escalation point for the SOC, guiding analysts
during complex investigations and major incidents.
• Design, implement, and tune threat detections across SIEM, EDR/XDR, and other
security telemetry platforms.
• Lead and coordinate incident response activities, including investigation,
containment, eradication, and recovery.
• Develop detection engineering practices aligned with adversary behaviors and
frameworks such as MITRE ATT&CK.
• Conduct proactive threat hunting and continuously improve detection
coverage.
• Build and maintain automation, enrichment pipelines, and response
playbooks to improve SOC efficiency and investigation speed.
• Collaborate with infrastructure, network, cloud, and platform engineering
teams to ensure high-quality security telemetry and monitoring coverage.
• Define and track SOC performance metrics (alert fidelity, MTTD, MTTR) and
lead initiatives to improve detection quality.