• Develop and implement a vision and strategy for Microsoft Security. • Identify new market opportunities and build relationships with clients. • Support the sales team by providing technical expertise and preparing proposals. • Execute projects, playing a hands-on role in their realization and implementation. • Collaborate with the overarching Solution Manager and other experts within the focus solutions.

• Design and manage network security controls including firewalls, IDS/IPS, VPNs, and network segmentation • Implement and evolve zero-trust security models with least-privilege access • Configure and maintain identity and access management solutions (MFA, SSO, PAM, RBAC) • Implement encryption standards for data at rest and in transit; manage keys and certificates • Deploy and manage security monitoring, logging, and alerting infrastructure • Analyze security events, investigate incidents, and lead response activities • Perform vulnerability assessments and coordinate remediation efforts • Develop and maintain security policies, procedures, and documentation • Collaborate with teams to integrate security into CI/CD pipelines and infrastructure

• Support the Onit security function during US Central Time business hours. • Implement and manage cloud-native security tools and third-party solutions for threat detection and incident response. • Define, maintain, and execute the Incident Response plan, investigating and resolving incident escalations. • Perform regular risk assessments and vulnerability scans of cloud infrastructure, ensuring timely remediation. • Collaborate with Dev, DevOps, and Infra teams to remediate identified vulnerabilities, discuss security best practices, and assist with security incident response. • Analyze EDR alerts and logs to identify potential security incidents, taking appropriate action. • Continuously evaluate and implement security tools and practices to enhance the security posture of the Onit environment. • Assist with application security reviews and threat modeling. • Assist with security awareness programs for employees regarding security best practices

• Implement and maintain strong authentication protocols, including multi-factor authentication (MFA) for admin and employee accounts. • Enforce role-based access controls (RBAC) to limit access to sensitive systems and data based on job responsibility. • Monitor security logs and alerts to detect unauthorized access or suspicious activity. • Regularly update and patch website CMS, plugins, payment gateways, and related software to eliminate vulnerabilities. • Implement encryption of sensitive data both at rest and in transit (SSL certificates, AES-256 encryption, etc.). • Develop and maintain data retention and disposal policies, ensuring secure deletion of data no longer needed. • Maintain compliance with PCI-DSS standards for payment security and privacy regulations such as GDPR, HIPAA, or CCPA, as applicable. • Oversee the security of payment processing platforms, ensuring tokenization, end-to-end encryption, and fraud detection tools are in place. • Coordinate with payment gateway providers to maintain updated security certifications and compliance. • Schedule and conduct periodic vulnerability scans, penetration tests, and audits to proactively identify and address security gaps. • Collaborate with external security consultants or ethical hackers for advanced penetration testing. • Develop and maintain an incident response plan and lead response efforts for any suspected or actual breaches. • Provide security awareness training to staff regarding password hygiene, phishing, data handling, and access protocols. • Utilize real-time monitoring tools to oversee server logs, network traffic, and application access. • Implement proactive alerts for suspicious activities and maintain a dashboard of security metrics.