- Define and maintain the firm’s information security strategy, policies, and controls. - Own security risk management across trading systems, custody/wallet infrastructure, cloud platforms, and third-party vendors. - Lead incident response and investigation for security events, including breaches, fraud, and wallet compromise scenarios. - Oversee core IT operations, including endpoint security, identity and access management, device management, and SaaS administration. - Ensure day-to-day IT systems are stable, secure, and well-supported, either directly or via managed service providers. - Partner closely with IT, Operations and Legal teams to embed security into daily workflows. - Provide clear security reporting and risk assessments to senior leadership.

• Engineer secure-by-default endpoint baselines for macOS and Windows Endpoints, including encryption, firewall, application controls, device compliance, and configuration standards. • Automate and scale identity and access controls in Entra ID and Google Workspace (SSO, SCIM, conditional access, privileged access workflows, access reviews, joiner/mover/leaver). • Codify security controls as code (Terraform/configuration profiles/policy-as-code), with peer review, change history, testing/rollback, and measurable outcomes. • Build and maintain automations and integrations (e.g., n8n/SlackOps/APIs/scripts) that reduce manual access grants, speed up control changes, and eliminate repetitive workflows. • Harden SaaS and collaboration platforms by reducing unmanaged apps and enforcing strong authentication, least privilege, sharing controls, and data protection guardrails. • Improve visibility and detection by ensuring logging coverage and telemetry for endpoint, identity, and key SaaS applications (e.g., Defender/Sentinel and vendor logs where relevant). • Drive vulnerability and configuration drift reduction through patch compliance targets, remediation pipelines, and reporting that leadership can act on. • Partner with compliance and risk stakeholders to produce evidence, document controls, and operationalize requirements without creating brittle, manual processes. • Participate in an on-call rotation (every ~3 weeks) for escalations related to identity, endpoint security, and critical enterprise systems.

• Advise senior executives on security strategy, modernization pathways, and multi‑year roadmaps that translate risk reduction into business value. • Distill complex security concepts into outcomes and decisions that resonate with C‑suite and senior leadership. • Lead recurring executive touchpoints—program reviews, steering committees, and health checks—to keep initiatives aligned and accountable. • Drive engagement momentum by removing roadblocks, orchestrating stakeholders, and ensuring planned outcomes are achieved. • Lead multi‑workstream, enterprise‑scale network security transformations—spanning architectures, migrations, and modernization programs—with an unwavering focus on quality. • Delegate workstreams to qualified team members enabling scale of delivery. • Provide hands-on technical guidance developing team capability. • Architect secure network designs that enable Zero Trust, micro‑segmentation, secure remote access (VPN/ZTNA), cloud perimeters, and resilient data center security fabrics. • Establish standards, reusable patterns, and delivery frameworks to drive consistency and scale across the practice. • Review and approve technical deliverables to ensure alignment with client standards, regulatory frameworks, and best practices. • Partner closely with account teams on strategic security campaigns—assisting with presales activities such as scoping, and solution strategy to win and expand business. • Identify and close follow‑on services within existing accounts through credibility, relationships, and demonstrable impact. • Contribute proactive pipeline insights and opportunity identification to support accurate forecasting. • Develop methodologies, tooling, and processes that improve the efficiency and repeatability of our Network Security practice. • Produce thought leadership—whitepapers, blogs, reference architectures, conference presentations—and represent AHEAD in public forums. • Support talent acquisition, interviewing, and onboarding of senior network security engineers; mentor and elevate the team.

• Drive the organization's defensive security capabilities across detection engineering, security orchestration, automation, and response (SOAR) • Co-lead the organization's threat hunting program • Integrate new threat intelligence into high-fidelity detections • Automate incident response processes to maximize team efficiency and response speed • Collaborate closely with the SOC Manager to co-lead threat hunting initiatives • Partner with cross-functional security teams to build and scale security operations capabilities