• Operates and maintains SIEM tools and components, such as log aggregators, forwarders, and data observability systems • Tests, implements, and tunes new on-premises and cloud-based technical environments that support infrastructure visibility, analysis, automation, and secure data retention • Develops content that enables cybersecurity personnel to take maximum advantage of existing tool capabilities, including workflows, integrations, and automated tasks • Collaborates across Information Technology Services teams to integrate SIEM components with cybersecurity enrichment and analysis platforms and system management tools • Creates and maintains architectural documentation and operational procedures that describe the scope, purpose, configuration, use, and maintenance of the SIEM tools and environments • Contributes to projects (as assigned or independently) that improve the effectiveness and efficiency of a cybersecurity program, including but not limited to workflow improvements, automation expansion, management tool enhancements, program or strategic initiatives, and user awareness training

• Monitor security alerts and events continuously in a 24x7 environment • Perform **triage, validation, and qualification of alerts**, reducing false positives and prioritizing real risks • Conduct **security investigations** and **threat hunting** activities, correlating events and developing attack hypotheses • Open, update, and maintain **tickets in ITSM/SOC** (e.g., Jira), following quality standards and required fields

• Act as the go-to expert for complex technical cases involving network security, identity integrations, and secure connectivity. • Troubleshoot advanced issues related to firewall policies, VPN configurations, SD-WAN, and secure application delivery. • Integrate and support Microsoft Entra ID, Okta, and other identity providers for SSO, federation, and conditional access scenarios. • Perform in-depth analysis of authentication flows (SAML, OAuth 2.0, OpenID Connect) and resolve associated token or access issues. • Partner with Engineering and Product teams to influence long-term security and networking improvements. • Create and maintain knowledge base articles, technical documentation, and best practice playbooks for internal and external audiences. • Mentor frontline solution engineers and contribute to internal training and enablement programs. • Participate in customer engagements, security workshops, and architecture reviews as a trusted technical advisor.

• As an Information Security Auditor, you'll be responsible for safeguarding internal company data and client data through robust information security, compliance, and risk management programs. • Manage the development, deployment, and execution of controls and defenses to ensure the security and compliance of our technology infrastructure and data assets. • Develop and execute security controls, defenses, and countermeasures to prevent attacks on email, data, e-commerce, and web-based systems. • Administer policies to control access to systems. • Facilitate audit testing for SOC 2, PCI DSS, and develop and monitor controls, and assist with remediation guidance. • Lead audits of cloud environments, information systems, and security tools to ensure adherence to frameworks, laws, and regulations. • Support comprehensive assessments of security controls to determine their effectiveness and ensure they meet security requirements. • Guide stakeholders on securing systems and liaise with auditors and compliance teams to implement compensating controls. • Research best practices and trends in information security, ensure execution of required testing, and lead remediation activities for successful security audits/certifications. • Identify weaknesses in internal controls, provide guidance on improving security compliance processes, and partner with stakeholders to implement solutions. • Ensure alignment with internal policies and external regulatory requirements, continuously identify process enhancements, and stay current on changing regulatory requirements and industry frameworks.