• Lead the migration of all SSO, MFA, and Conditional Access policies from Okta to Microsoft Entra ID • Architect and implement BeyondTrust to establish Tier-0 privileged access controls across newly acquired AD forests and cloud environments • Serve as the internal technical authority and design reviewer for the MSP’s Entra ID tenant configuration, ensuring governance standards, naming conventions, and security defaults align with long-term strategy • Lead the technical hand-off and integration of standalone Active Directory forests into the new Entra ID tenant • Design and enforce zero-trust identity principles across authentication, authorization, and privileged access management • Develop PowerShell and Microsoft Graph API automation to streamline identity lifecycle management, governance controls, and reporting • Define and document identity architecture, authentication flows, access models, and governance frameworks • Partner with infrastructure, security, and compliance stakeholders to ensure enterprise-wide alignment with security standards • Provide strategic guidance to executive and technical leadership on identity and security decisions

• Partner with the Lead Product Manager to ensure the backlog is refined, well-documented, and ready for development • Write clear, testable user stories and acceptance criteria for product enhancements, bugs, and technical requests • Facilitate meetings with internal SMEs (support, training, customer success) to gather context, replicate issues, and document edge cases • Support backlog refinement sessions and sprint planning by ensuring stories meet the Definition of Ready • Help prepare discovery materials and documentation for new features or customer needs • Organize supporting materials like workflows, screenshots, support cases, and stakeholder notes • Serve as a liaison between customer-facing teams and developers, helping ensure issues are well understood before development begins • Follow up with stakeholders to resolve outstanding questions or missing information for development work • Contribute to internal product documentation and knowledge base articles

• Monitoring and responding to internal and external RFIs and collection support tasks through established workflow processes. • Experience performing operation support tasks such as training, doctrine development, CI/security tasks, and collection capability management. • Triaging tickets and ensuring collection requirements are tasked to the appropriate elements and completed within established time frames. • Identifying where novel collection activities can support and address known intelligence gaps vis a vis finished intelligence production. • Employing secure virtual operational tradecraft methods and practices when conducting research. • Maintaining awareness of threat actor tactics, techniques, and procedures to appropriately assess quality and credibility of operators, toolsets, and other offered services.

• You’ll be the hands‑on security lead embedded with core product teams to secure agentic workloads end‑to‑end, from SDK through LangSmith/Graph services and customer integrations. • You’ll define our security roadmap, land immediate hardening wins, and raise the bar on how AI infra is protected in production. • Own product & platform security: Design and drive application/infrastructure security controls across LangSmith, LangGraph, and the LangChain SDK ecosystem (Python/TS/Go). • Secure-by-default authN/Z: Evolve SSO/SAML/OIDC/SCIM, token lifecycles, service‑to‑service auth, and tenant isolation for cloud and self‑hosted customers. • Vuln management: Own scanning/triage/patch SLAs; coordinate with engineering to remediate quickly without slowing delivery. • Ship code, reviews, and tooling: Land secure designs, write PRs, perform penetration testing, and introduce lightweight checks (linters, dependency/supply‑chain scanning, SBOM/SLSA provenance) to enable security at scale. • Hardening & operations: Network segmentation/Zero Trust, Kubernetes posture, secrets management, key rotation, least‑privilege IAM, egress controls