Security Risk Advisors

• Lead Purple Team Exercises: Plan, execute, and manage purple team exercises to evaluate the effectiveness of security controls and improve the organization's defensive capabilities. • VECTR Operations: Use the VECTR platform to document, track, and report on purple team activities. • Test Preparation and Execution: Oversee the preparation, execution, and reporting of purple test cases. • Metrics and Reporting: Develop and track metrics for measuring test outcomes. • Collaboration: Work closely with internal SRA teams, including Red and Blue, to integrate findings from purple team exercises into continuous improvement processes for each client. • Client Interaction: Engage with clients to understand their security needs and communicate findings. • Training and Development: Provide training and guidance to team members on purple team methodologies and the use of VECTR. • Research and Innovation: Use knowledge gained during purple team exercises to conduct research initiatives for improving services.

• Help monitor, triage, and investigate security alerts across endpoint, network, identity, and cloud data sources. • Document and communicate findings suitable for client consumption. • Support 24x7 SOC operations and provides exposure to multiple client environments, modern security tooling, and structured mentorship and training. • Continuously monitor and triage security alerts across endpoint, network, identity, and cloud telemetry. • Investigate alerts to determine severity, scope, and whether activity is benign, suspicious, or malicious; escalate per documented procedures. • Perform initial incident response support activities such as evidence collection, timeline development, and basic containment recommendations under supervision. • Use SIEM, EDR, NDR/NSM, and SOAR platforms to detect, investigate, and respond to threats; examples include Splunk or Microsoft Sentinel (SIEM), CrowdStrike Falcon or Microsoft Defender for Endpoint (EDR). • Leverage threat intelligence and common frameworks (e.g., MITRE ATT&CK) to enrich investigations and communicate attacker behavior clearly. • Thoroughly document work in case management systems, including investigation steps taken, evidence reviewed, decisions made, and recommended next actions. • Communicate status and findings to internal leadership and clients with professionalism and clarity (written and verbal). • Contribute to continuous improvement by identifying recurring false positives/noisy alerts and providing feedback for tuning and playbook updates. • Maintain proficiency through required training, labs, and knowledge sharing; follow policies to protect confidential information.

• Translate mockups and wireframes into production-ready Vue 3 components • Build complete features from requirements through deployment • Make thoughtful UI/UX decisions with minimal specifications • Establish patterns and build reusable components for application consistency • Collaborate with backend developers and product team to ship features quickly • Optimize performance and ensure responsive, accessible interfaces • Participate in code reviews and technical discussions • Troubleshoot and resolve frontend issues