Find your next cybersecurity opportunity


Solutions Architect (SOC Analysis)

Recorded Future

Recorded Future

Boston, MA, USA
Posted on Tuesday, July 2, 2024

With 1,000 intelligence professionals, over $300M in sales, and serving over 1,800 clients worldwide, Recorded Future is the world’s most advanced, and largest, intelligence company!

Solutions Architect (Professional Services)

at Recorded Future (View all jobs)

Want to be part of shaping the future? Our breakthrough ability to unlock insights from the internet radically improves intelligence and cyber threat visibility for our commercial customers. We’re a high-energy, fast-paced, and fast-growing company. You’ll need the ability to understand and adapt to rapid product and technology developments, as we improve our products in close partnership with customers. You’ll have the support of a seasoned executive management team and world-class investors.

This Role: As a Solutions Architect, your primary responsibility will be to help identify, develop, and deliver consulting services as part of the Solution Architecture team within the Professional Services organization. Services include, but not limited to ;

  • Design offerings where you will be working closely with customers in showing how Recorded Future can be leveraged and providing advice to shape an organization’s Security Operations workflow. Designs will leverage internal frameworks and methodologies.
  • Opportunities leveraging the Recorded Future API, Record Future future data sets such as risk rules and evidence details for SIEM and SOAR Use Case/Playbook build out and implementation. Workshop efforts are included in all service offerings and the ability to communicate clearly and effectively to gather requirements and/or understand the potential use cases and provide effective solutions.

This role's primary responsibility will be to identify, develop, and deliver service’s (Use Case and Design) in partnership with various Recorded Future teams (Sales, Consultants and Engineers), showing existing and potential clients how Recorded Future can help an organization’s SOC, IR, and TI teams gain context, track information in real-time and prevent cyber attacks and breaches.

Responsibilities/ What you will do :

  • Provide Design and Implementation workshops and deliverables of Recorded Future Threat Intelligence implementation and best uses in a customer environment.
  • Ability to capture requirements, illustrate described workflows and build the foundation of a design and data flow. Understanding the customer's workflow and needs in:
    • Incidents Response, Threat Intel, Vulnerability Management
  • Drive customers' cyber security use cases and aid in new use case development.
  • Scope and implement custom solutions across a variety of client architectures, applications, and tools while leveraging the Recorded Future API.
  • Manage multiple projects in a dynamic, fast-paced environment meeting tight deadlines and providing flexibility of schedule with customers primarily in the United States.
  • Creation of new use cases and playbooks, tuning and troubleshooting in a customer's environment with assistance from engineering.

Who you'll work with:

Recorded Future supports security teams at some of the most ambitious organizations. The Solutions Architect is a function of our Professional Services group, your primary responsibility will be assisting customers with the design and integration scoping of Recorded Future Security Intelligence data and running projects to support this function. Workshops such as the Architecture Review and Use Case Development will be the primary focus for this role.


In 1-3 Months you will be assisting with client discovery workshops, gathering details and working with the lead architect on the design and delivery of an architecture review. Duties will include assisting Scoping activities such as understanding the clients data usage, account details and expectations from the requesting team (sales, intelligence services or sales engineers). You will gather tactics, understanding client environments and providing observations to the Sr. Architects. The expectation is to understand Recorded Future data, modules and capabilities within the product platform.

In 3-5 months time you will be able to demonstrate expertise in the key capabilities of our Premier Integrations: Splunk (ES), Splunk SOAR, Palo Alto XSOAR, ServiceNow (SIR/TI, VR, VRM), Microsoft Azure Sentinel, IBM QRadar, and MISP along with some of our Partner Integrations: ThreatConnect, Swimlane, and Anomali. You will be a major contributor to the discovery workshops and building Architecture Designs with oversight. The expectation is to understand Recorded Future data, modules and capabilities available within the Recorded Future API.

In 6-12 Months the expectation is that you will be able to lead a client call with a Senior Architect Supporting. You will be responsible for research, design, implementation strategies, and use cases for the customer to implement. The expectation is to deliver design work and consultative recommendations on how to optimally operationalize a customer to leverage recorded future data within integrations.

In 1+ year Following your successful integration within the team, the expectation will be that you are capable of taking a leading role in our more advanced services which include Use Case development (SOAR Playbook Development and SIEM Threat Detection logic development utilizing Recorded Future data as a central driver); Supporting integration configuration and basic troubleshooting (e.g., verifying token assignment and access configuration); In depth Design and Roadmap development to assist complex and large enterprise clients with integrating Recorded Future throughout their organization (e.g., developing Use Cases for departments to utilize Recorded Future data outside of the SOC); Compiling high level technical documents highlighting Use Cases and Usage of Recorded Future services against varying strategic opportunities and threat landscapes (e.g., Ransomware and Industrial Control Systems).


  • 2-plus years of relevant work experience in Cybersecurity, Threat Intelligence, or Security Operations experience
  • 2-plus years of relevant Customer-facing experience, especially in engineering or consulting
  • Experience with SIEMs and other security tools:
    • (TIPs, Incident Management, Vulnerability Management, SOAR, EDR and Automation)
  • Tool experience in one or more of the following products:
    • Palo Alto XSOAR, Splunk SOAR, Swimlane, Rapid7, ServiceNow SecOps / Vuln / TI
  • Ability to train clients on how to utilize Recorded Future’s APIs and Integrations
  • Experience with Python, JSON, or RESTful APIs is a plus
  • Ability to work independently and proactively manage assigned client engagements and tasks from start to completion
  • The hunger and drive to succeed in a startup environment
  • Location is Boston and DC based (travel up to 20%)

We realize we can only succeed with a team of very smart and passionate people. If you’re looking to work in a unique environment with ambitious, dedicated colleagues, and the chance to collaborate with fantastic users and customers, then we have a lot in common! You'll also be equipped with top technology, enjoy trips, “the best” coffee, great food and fun. We offer competitive compensation, including stock options and a full range of benefits, as well as a great culture, commitment to professional development and social responsibility.

Why should you join Recorded Future?
Recorded Future employees (or “Futurists”), represent over 40 nationalities and embody our core values of having high standards, practicing inclusion, and acting ethically. Our dedication to empowering clients with intelligence to disrupt adversaries has earned us a 4.8-star user rating from Gartner and more than 45 of the Fortune 100 companies as clients.

Want more info?
Blog & Podcast: Learn everything you want to know (and maybe some things you’d rather not know) about the world of cyber threat intelligence
Instagram & Twitter: What’s happening at Recorded Future
The Record: The Record is a cybersecurity news publication that explores the untold stories in this rapidly changing field
Timeline: History of Recorded Future
Recognition: Check out our awards and announcements

We are committed to maintaining an environment that attracts and retains talent from a diverse range of experiences, backgrounds and lifestyles. By ensuring all feel included and respected for being unique and bringing their whole selves to work, Recorded Future is made a better place every day.

If you need any accommodation or special assistance to navigate our website or to complete your application, please send an e-mail with your request to our recruiting team at careers@recordedfuture.com

Recorded Future is an equal opportunity and affirmative action employer and we encourage candidates from all backgrounds to apply. Recorded Future does not discriminate based on race, religion, color, national origin, gender including pregnancy, sexual orientation, gender identity, age, marital status, veteran status, disability or any other characteristic protected by law.

Recorded Future will not discharge, discipline or in any other manner discriminate against any employee or applicant for employment because such employee or applicant has inquired about, discussed, or disclosed the compensation of the employee or applicant or another employee or applicant.

Notice to Agency and Search Firm Representatives:
Recorded Future will not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to Recorded Future, including those sent to our employees or through our website, will become the property of Recorded Future. Recorded Future will not be liable for any fees related to unsolicited resumes.

Agencies must have a valid written agreement in place with Recorded Future's recruitment team and must receive written authorization before submitting resumes. Submissions made without such agreements and authorization will not be accepted and no fees will be paid.