Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe. Every day, hosts offer unique stays and experiences that make it possible for guests to connect with communities in a more authentic way. The Community You Will Join: Airbnb is a mission-driven company dedicated to helping create a world where anyone can belong anywhere. It takes a unified team committed to our core values to achieve this goal. Airbnb's various functions embody the company's innovative spirit and our fast-moving team is committed to leading as a 21st century company. The strategic goal of the Risk and Compliance Operations team is to focus on creating the standardized operational security processes and protocols in order to ensure there is proper Risk Governance and Compliance for Community Support teams in specific domains, including product, process, and engineering in accordance with company policies and contractual agreements. The Difference You Will Make: As a key member of our team, you’ll drive operational excellence, foster innovation, and champion security and productivity. You’ll play a pivotal role in designing and maintaining provisioning frameworks, collaborating with engineering partners to optimize permission models and tooling, and balancing speed with robust security across all processes. Your expertise will be essential in leading cross-functional Customer Support initiatives, securing alignment, and building strategic partnerships with teams like InfoSec, Partner Management, Legal, and Privacy to advance our mission. Through your work with stakeholders, you will: - Develop and execute improvement roadmaps. - Manage projects for implementing new security and privacy controls. - Lead process enhancements and optimize access controls. - Define audit and reporting mechanisms for both internal and vendor teams. - Deliver best-in-class privacy and data protection for Operations. You’ll be joining a newly formed team with the rare opportunity to shape its culture and direction—bringing vision, leadership, and an entrepreneurial spirit as our team grows. A Typical Day: - Governance & Reporting: Measure, report, and govern privileged access controls to ensure compliance. - Requirements & Implementation: Document and translate PAM (Privileged Access Management) requirements for technology partners, supporting efficient, modern, and sustainable solutions. - Stakeholder Collaboration: Work cross-functionally to develop and iterate on PAM requirements across Process, Data, and Technology domains. - Policy & Standards: Partner with the policy governance team to socialize and publish updates to the PAM Standard. - Authentication & Security: Apply your mastery of authentication platforms (Active Directory, LDAP, Kerberos, Radius) and PAM principles (JIT provisioning) to make recommendations to policy and provisioning processes and technology teams. - Regulatory Compliance: Ensure alignment with industry regulations and standards (NIST, ISO/IEC, FFIEC), particularly within financial services. - Risk Management: Proactively identify, assess, and mitigate PAM risks, driving continuous improvement and accountability. - Stakeholder Engagement: Report on existing and emerging PAM/information security risks to senior leadership with transparency and clarity. - Quality Assurance: Design and execute thorough test strategies for privileged access processes, collaborate on defect resolution, and recommend improvements for usability, resilience, and security. - Documentation: Maintain clear, comprehensive records of policies, approval processes, and test outcomes. - Industry Engagement: Stay up-to-date with emerging trends and best practices in privileged access management. - Access Management policies: Define and maintain access management policies for different user personas (admin, developer, user, viewer). - Leadership: Coach and train team members, ensuring accurate and efficient Human in the Loop processes. - Access lifecycle: Oversee the full lifecycle of access (create, edit, delete, view, hide, etc.). Build and refine abstractions to inform access decisions, considering: - User roles/personas - Tenant or organizational affiliation - Privileges assigned via specific permissions or group memberships Your Expertise: - 8+ years of hands-on experience with Access and Privileged Access Management (PAM) operations in a technology-driven environment. - Demonstrated experience in PAM operational tasks, including safe creation and management, privileged account onboarding, policy development, and least-privilege access model implementation. - Solid background in identity and access management (IAM) principles and industry best practices. - Experience with operationalizing Just-In-Time (JIT) privilege models, role-based access controls (RBAC), and enforcing Segregation of Duties (SoD). - Working knowledge of authentication protocols (e.g., SAML, OAuth, OpenID Connect, Active Directory, LDAP, Kerberos). - Familiarity with cloud-based privileged access management, including the classification and management of non-human identities (service accounts, API keys, etc.). - Strong understanding of security standards and regulatory frameworks (NIST, ISO/IEC, FFIEC) relevant to access management. - Strong SQL abilities, including querying and dashboard creation. - Clear, concise communication skills, with a proven ability to collaborate across engineering, security, product, and operational teams without a technical background to drive alignment and best-in-class solutions. - Experience in documenting policies, procedures, and reporting on PAM-related risk and compliance metrics. - Demonstrated ownership and accountability for continuous improvement in PAM controls and risk management. - Proactive in identifying and mitigating security risks related to privileged access. - Comfortable working in a fast-paced environment and contributing to cross-functional or global initiatives. - Demonstrated ability to build and coach teams. - Familiarity with access management challenges specific to cloud-native environments (AWS, GCP, Azure). - Involvement in developing or maintaining Privileged Access Management strategies that address both human and non-human identities, including business users, developers, and service accounts. Your Location: This position is US - Remote Eligible. The role may include occasional work at an Airbnb office or attendance at offsites, as agreed to with your manager. While the position is Remote Eligible, you must live in a state where Airbnb, Inc. has a registered entity. Click here for the up-to-date list of excluded states. This list is continuously evolving, so please check back with us if the state you live in is on the exclusion list If your position is employed by another Airbnb entity, your recruiter will inform you what states you are eligible to work from. Our Commitment To Inclusion & Belonging: Airbnb is committed to working with the broadest talent pool possible. We believe diverse ideas foster innovation and engagement, and allow us to attract creatively-led people, and to develop the best products, services and solutions. All qualified individuals are encouraged to apply. We strive to also provide a disability inclusive application and interview process. If you are a candidate with a disability and require reasonable accommodation in order to submit an application, please contact us at: reasonableaccommodations@airbnb.com. Please include your full name, the role you’re applying for and the accommodation necessary to assist you with the recruiting process. We ask that you only reach out to us if you are a candidate whose disability prevents you from being able to complete our online application. How We'll Take Care of You: Our job titles may span more than one career level. The actual base pay is dependent upon many factors, such as: training, transferable skills, work experience, business needs and market demands. The base pay range is subject to change and may be modified in the future. This role may also be eligible for bonus, equity, benefits, and Employee Travel Credits. Pay Range $129,000—$152,000 USD

• Monitor and triage security alerts. • Build, test, and refine detections to enhance threat identification across Mac, Linux, and Windows systems. • Conduct in-depth analysis of security incidents, including malware, phishing, and advanced persistent threats, leveraging SIEM and EDR capabilities. • Perform proactive threat hunting using the SIEM and EDR features. • Investigate and respond to incidents swiftly, following established incident response protocols. • Document findings clearly and provide actionable remediation recommendations. • Collaborate with cross-functional teams to strengthen security controls and mitigate vulnerabilities. • Stay current on emerging threats, vulnerabilities, and industry trends through self-directed learning. • Participate in on-call rotation for 24x7x365 SOC coverage, demonstrating reliability and accountability. • Escalate confirmed or suspicious incidents and cases to the Incident Response team.

• Maintain operational and administrative oversight of assigned potential, live, and completed security projects • Support projects from inception through completion, including planning, execution, administration, and follow-up • Manage all related client and vendor communications • Ensure Salesforce Health Cloud (SFHC), Salesforce (SFDC), and SharePoint are accurate, current, and complete • Collaborate closely with Security Operations team members to provide operational support and coordination • Administer Secure Journey Management tasks, including car and driver, close protection, and meet-and-greet services • Create and manage SFHC cases, SharePoint folders, task checklists, and risk assessments • Liaise with clients to gather requirements and vendors to source and validate quotations • Prepare service proposals, quotations, letters of engagement (LOEs), and related documentation • Apply rate cards, taxes, exchange rates, and margins accurately • Coordinate approvals, supplier confirmations, purchase orders, and invoicing • Monitor live tasks, manage updates, and ensure post-task closure and financial reconciliation • Assist with operational security requests received via Everbridge Assist • Provide initial acknowledgment and administrative setup for short-notice Secure Journey Management requests • Monitor and respond to operational communication channels (email, Slack, Teams, WhatsApp) • Review monthly open purchase order reports and provide feedback • Maintain accurate records and documentation across all systems

Title: Cyber Defense Infrastructure Support Specialist Clearance: Active TS Required, Q Clearance preferred Education: Bachelor’s degree preferred Years Experience: all levels available Location: fully remote Compensation: DOE ($55k/yr-$115k/yr.) A Cyber Defense Infrastructure Support Specialist is responsible for the maintenance, enhancement, and protection of an organization's cyber defense infrastructure. This role involves safeguarding critical data and network resources, ensuring operational integrity, and preventing disruptions due to malicious activities. The specialist works closely with multiple teams to align cybersecurity measures with organizational goals and supports secure and efficient operations. Duties include: - Installing, configuring, and managing security software and hardware, conducting vulnerability assessments, and developing comprehensive security policies and protocols. - Monitor network traffic for unusual activity, respond to incidents, and coordinate with other IT professionals to mitigate threats. - Systematic & continuous updates with the latest cyber defense tactics and technological advancements are essential for maintaining a robust security posture. Note This job description in no way states or implies that these are the only duties to be performed by the employee(s) of this position. Employees will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments. All duties and responsibilities are essential functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. Who we are...  August Schell offers 30 years of experience in providing our customers innovative solutions and engineering services to their most challenging needs. We thrive on navigating complex IT difficulties and are driven to find the best solutions for our customers. Our team delivers expert knowledge in cyber security, big data, endpoint security and cloud solutions. Our ability to serve our customers with continued excellence is a direct reflection of our dedicated and exceptional people. At August Schell, we are not only a team, we are a family. Equal Employment Opportunity August Schell Enterprises Inc. is an Equal Employment Opportunity Employer. We are committed to providing a workplace that is free from discrimination and harassment based on race, color, religion, sex (including pregnancy, sexual orientation or gender identity), national origin, age, marital status, disability, protected veteran status or any other characteristic protected by applicable law. Accommodations If you are an individual with a disability and would like to request a reasonable accommodation during the application or hiring process, please contact Human Resources at hr@augustschell.com Apply Now