Mariani Landscape

• Security Program Management: Manage and execute the company’s information security program, including policies, procedures, controls, security standards, risk assessments, remediation tracking, and ongoing security improvements. • Hands-On Security Operations: Perform day-to-day security activities, including monitoring security tools, reviewing alerts, investigating suspicious activity, coordinating remediation, managing vulnerabilities, and improving detective and preventive controls. • Security Architecture & Technical Controls: Assess, implement, and maintain security controls across enterprise systems, including infrastructure, endpoints, identity platforms, cloud environments, field service applications, mobile devices, and the Microsoft Azure and Microsoft 365 ecosystems. • Incident Response: Maintain and execute the company’s incident response process. Investigate security events, coordinate containment and remediation efforts, document incidents, and work with internal teams and external partners as needed. • Field Service Security Support: Identify and address cybersecurity risks related to field service scheduling systems, mobile device usage, remote workforce access, geographically dispersed operations, and field technician workflows. • Vulnerability & Risk Management: Perform or coordinate vulnerability assessments, risk reviews, security control evaluations, and remediation efforts. Prioritize findings based on business impact, likelihood, and operational risk. • Identity, Access & Endpoint Security: Support and improve identity and access management practices, including user access reviews, privileged access controls, multi-factor authentication, conditional access, endpoint security, and device compliance. • Microsoft Azure & Microsoft 365 Security: Configure, monitor, and improve security across Microsoft Azure and Microsoft 365 environments, including Entra ID, Defender, Purview, Exchange Online, SharePoint, Teams, Intune, and related security capabilities. • Disaster Recovery & Business Continuity Support: Support disaster recovery and business continuity planning from a cybersecurity perspective. Assist with backup protection, recovery testing, ransomware readiness, and resilience planning. • Governance, Compliance & Documentation: Maintain security documentation, policies, procedures, standards, risk registers, audit evidence, and compliance-related materials. Help ensure alignment with applicable cybersecurity best practices and business requirements. • Security Awareness & Training: Promote a practical security awareness culture across the organization, including field technicians, office staff, operations teams, and business users. Support phishing simulations, user education, and security communications. • Vendor & Third-Party Security: Assist with security reviews of vendors, service providers, software platforms, and third-party integrations. Track risks and coordinate follow-up remediation where needed. • Collaboration with IT & Business Teams: Work closely with infrastructure, applications, service desk, operations, and business stakeholders to identify security needs, resolve issues, and implement practical security improvements.

• Manage and execute the company’s information security program, including policies, procedures, controls, security standards, risk assessments, remediation tracking, and ongoing security improvements. • Perform day-to-day security activities, including monitoring security tools, reviewing alerts, investigating suspicious activity, coordinating remediation, managing vulnerabilities, and improving detective and preventive controls. • Assess, implement, and maintain security controls across enterprise systems, including infrastructure, endpoints, identity platforms, cloud environments, field service applications, mobile devices, and the Microsoft Azure and Microsoft 365 ecosystems. • Maintain and execute the company’s incident response process. Investigate security events, coordinate containment and remediation efforts, document incidents, and work with internal teams and external partners as needed. • Identify and address cybersecurity risks related to field service scheduling systems, mobile device usage, remote workforce access, geographically dispersed operations, and field technician workflows. • Perform or coordinate vulnerability assessments, risk reviews, security control evaluations, and remediation efforts. Prioritize findings based on business impact, likelihood, and operational risk. • Support and improve identity and access management practices, including user access reviews, privileged access controls, multi-factor authentication, conditional access, endpoint security, and device compliance. • Configure, monitor, and improve security across Microsoft Azure and Microsoft 365 environments, including Entra ID, Defender, Purview, Exchange Online, SharePoint, Teams, Intune, and related security capabilities. • Support disaster recovery and business continuity planning from a cybersecurity perspective. Assist with backup protection, recovery testing, ransomware readiness, and resilience planning. • Maintain security documentation, policies, procedures, standards, risk registers, audit evidence, and compliance-related materials. Help ensure alignment with applicable cybersecurity best practices and business requirements. • Promote a practical security awareness culture across the organization, including field technicians, office staff, operations teams, and business users. Support phishing simulations, user education, and security communications. • Assist with security reviews of vendors, service providers, software platforms, and third-party integrations. Track risks and coordinate follow-up remediation where needed. • Work closely with infrastructure, applications, service desk, operations, and business stakeholders to identify security needs, resolve issues, and implement practical security improvements.