• Lead all aspects of the compliance lifecycle across multiple public sector frameworks (e.g., FedRAMP, GovRAMP), including risk assessments, continuous monitoring, audits, and authorization management • Drive complex cross-functional program management efforts involving teams across security, legal, engineering, infrastructure, and product functions. • Serve as a subject matter expert on risk management and regulatory compliance for federal, state, and local government environments. • Develop and maintain comprehensive security documentation aligned with applicable frameworks, including System Security Plans (SSPs), Security Assessment Reports (SARs), POA&Ms, and data flow diagrams. • Monitor compliance with control requirements (e.g., NIST 800-53, GovRAMP Baselines) and coordinate the implementation of technical and procedural safeguards. • Engage with third-party assessors (3PAOs or independent assessors), government sponsors, and internal teams to support assessments and audits. • Lead readiness assessments and support the prioritization of remediation activities across teams. • Manage timely tracking and closure of vulnerabilities and findings; ensure reporting and documentation obligations are met. • Provide risk-informed compliance recommendations that influence infrastructure and product development decisions. • Collaborate with legal and government affairs teams to ensure compliance with emerging federal and state regulatory requirements. • Stay informed on evolving threats, compliance trends, and guidance updates across FedRAMP, GovRAMP, NIST, and other frameworks.

• Monitor and manage the health and performance of the client instance of AHEAD Managed Security SIEM platforms and deployed SIEM agents • Partner with client Security team and other AHEAD Managed Security and in the design and implementation of new data visualizations and custom detection rules • Tuning of rules, filters, and policies for detection-related security technologies to improve accuracy and visibility • Attend client-facing security meetings and provide updates to SOC metrics, ongoing projects, and technical issues • Join incident bridges in response to IT or security incidents to provide an expert opinion and assistance with querying available log data related to the incident • Engage with client security and IT infrastructure teams for new data source onboarding activities, including ingestion, normalization, and enrichment through various ingestion methods • Assist with planning, implementation, and validation of changes applied by AHEAD or client infrastructure teams to remediate penetration test findings • Provide evidence required to support the completion of audit and compliance questionnaires, as it applies to AHEAD support to the client • Perform configuration and content development including index lifecycle management, data ingestion, detection rule tuning and more within the SIEM platform • Perform robust capacity planning activities within SIEM platform to ensure data source ingestion remains within contracted scope • Partner with AHEAD Managed Security SOAR engineering resources for integrations and security incident investigation workflow design and continuous improvement • Data mining of log sources to uncover and investigate anomalous activity, along with related items of interest • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall Managed Security functions

Role Description This role is responsible for designing, implementing, automating, and maintaining security platforms that support enterprise cybersecurity operations. - Focuses on integrating security agents/tools. - Improves detection capabilities. - Ensures platform reliability. - Enables security teams through scalable infrastructure and automation. - Demands cloud experience blended with platform engineering capabilities to mature the AI Security platform/tools. Qualifications - Experience in cybersecurity operations. - Knowledge of security agents/tools integration. - Strong analytical skills. - Cloud experience. - Platform engineering capabilities. Requirements - Proven experience in designing and implementing security platforms. - Ability to automate processes and improve detection capabilities. - Experience with scalable infrastructure. Benefits - Opportunity to leverage advanced technology. - Chance to redefine the transportation landscape. - Enhance customer experience and improve lives.

Einleitung Worum geht`s? Unser Mandant ist eine namhafte Hamburger Bank, die in den letzten Jahren ein starkes Wachstum, besonders hinsichtlich der IT und der entsprechenden Prozesse, hingelegt hat und die großen Wert auf das Wohlbefinden der Mitarbeiter und auf die Aus- bzw. Weiterbildung legt. Deine Aufgaben - Gemeinsam mit deinem Team „IT Security & operational Governance “ verantwortest du die technische den Betrieb und die kontinuierliche Optimierung der IAM-Systemlandschaft - Konfiguration, Integration und das Troubleshooting von IAM-Systemen. - Mit deinem Wissen über IAM-Regularien, -Prozesse und -Systeme sorgst du für einen sicheren und Compliance-gerechten Betrieb und Monitoring „End2End“: von Berechtigungs- und Rollenkonzepten über „Joiner-“, „Mover-“ bis zu „Leaver-Prozessen“ - Stakeholder-gerechte Kommunikation für IAM-Themen - Zusammenarbeit mit Service Providern - Du berätst und unterstützt Digitalisierungsvorhaben aktiv und leitest Projekte im Kontext IAM - Du begleitest interne und externe Prüfungen zum Thema IAM Dein Profil - Hochschul-/Fachholschulstudium der (Wirtschafts-) Informatik oder einschlägige Berufserfahrung und Fortbildungsmaßnahmen. - Fundierte Kenntnisse in IAM-Technologien, -Architekturen und -Protokollen (z. B. LDAP, SAML, OAuth, OpenID Connect). - Hands-on-Erfahrung mit IAM-Systemen (z. B. One Identity, EntraID, CyberArk) - Kenntnisse in Skripting und Automatisierung (z. B. PowerShell, Python) - Du besitzt sehr gute Kommunikationsfähigkeiten und bist in der Lage, komplexe Sachverhalte Stakeholder gerecht aufzubereiten und zu vermitteln - Du bist ein out-of-the-box Denker und ein Teamplayer - Sehr gute Deutsch- und Englischkenntnisse Benefits - Attraktives Gehaltspaket bis 95.000€ - Förderung Deiner individuellen Weiterentwicklung und Karriere, u.a. durch E-Learning Campus, fachspezifische Lehrgänge, Sprachkurse, Team-Workshops oder Mentoringprogramme - Flexible Arbeitszeit, mobiles Arbeiten, 30 Tage Urlaub sowie 24./31.12 frei - Betriebliche Altersversorgung und 40€ für vermögenswirksame Leistungen - Steuerfreie monatliche Bezuschussung des Deutschlandtickets in Höhe von 49€ sowie der Verpflegung in Höhe von 44€ - Deutschlandweites Sport- und Gesundheitsnetzwerk zur Förderung Deiner Gesundheit - Bis zu drei Tage Freistellung im Jahr für soziale oder ökologische Projekte zur Förderung Deines freiwilligen, gesellschaftlichen Engagements - Wertschätzender Umgang mit besonderem Augenmerk auf Chancengleichheit und Diversity