• As a Microsoft 365 Consultant, you advise our customers on the adoption and use of the Microsoft Cloud portfolio. • Your focus is primarily on compliance and security topics. • Key areas include Conditional Access, Multi-Factor Authentication, Privileged Identity Management, Endpoint Management, Purview, and Cloud Security (Microsoft Defender Suite). • You build configuration frameworks for the above products and implement them for our customers. • You ensure that, after deployment, the system’s maintenance and upkeep are secured. • As our expert, you drive the long-term development of security solutions and provide ongoing advisory support to customers. • You support us in Incident Response (24/7).

• Implement and maintain the network and security on IaaS cloud, mainly OpenStack. • Oversee network configuration, FW rules, IPSec, and various VPN technologies.

• Develop and implement holistic security compliance programs • Create comprehensive risk management frameworks • Design and maintain security policies, procedures, and guidelines • Continuously assess and update security strategies • Ensure compliance with complex regulatory standards including, but not limited to: HIPAA GDPR CCPA ISO 27001 HITRUST • Conduct thorough risk assessments and vulnerability evaluations • Prepare detailed compliance reports and documentation • Support external and internal audit processes • Track and implement regulatory changes • Perform comprehensive security vulnerability assessment • Develop and implement security control frameworks • Monitor and analyze security incidents and breaches • Design and conduct security awareness training programs • Manage access control and identity management systems • Evaluate and recommend security technologies and solutions • Develop and maintain incident response plans • Coordinate rapid and effective responses to security incidents • Conduct post-incident analysis and implement preventive measures • Maintain detailed incident documentation and reporting • Work closely with IT, Legal, Compliance, and Clinical teams • Provide security guidance and recommendations • Facilitate cross-functional security awareness and training • Support technology implementation and security best practices

• Architect Windows kernel telemetry pipelines • Dissect adversary tradecraft • Conduct attack scenario analysis • Define security event ontology • Perform systems research on Windows internals • Validate telemetry coverage through adversary emulation • Collaborate with engineering to translate research into production • Stay current with offensive security research