• Protect the organization’s identity infrastructure by designing, implementing, and operating secure authentication, authorization, and access controls • Focus on Microsoft Entra ID–centric identity security, including Conditional Access, privileged access, identity lifecycle automation, and identity-driven phishing protection • Serve as the first responder for identity-based security events and partner closely with Security Engineering and GRC to reduce breach risk while enabling secure business growth • Design, implement, and maintain secure identity architectures using Microsoft Entra ID • Manage user, group, device, and service-principal identity lifecycle controls • Enforce least-privilege access using role-based access control (RBAC) • Design and operate Conditional Access policies (MFA, device trust, location, risk-based access) • Implement passwordless and phishing-resistant authentication (FIDO2, TAP) • Maintain emergency access and break-glass account controls • Implement and operate Privileged Identity Management (PIM) • Reduce standing administrative privileges across Entra ID and Azure • Conduct periodic access and privilege reviews • Automate joiner/mover/leaver processes using PowerShell and Microsoft Graph • Support access reviews and entitlement management • Integrate identity controls with HR and IT provisioning systems • Design and maintain email authentication controls (SPF, DKIM, DMARC) • Implement and manage Microsoft Defender for Office 365 anti-phishing policies • Lead identity-focused response to phishing events: Token revocation and forced sign-out • Monitor identity-related alerts and risky sign-in activity • Support investigations involving credential theft or unauthorized access

• Supporting and maintaining ISMS, PIMS, and BCMS frameworks • Participating in external certifications and audits (PCI DSS, ISO 27001, ISO 27701, ISO 22301, GDPR, DORA) • Managing access control processes: IAM / SSO / MFA, Joiner–Mover–Leaver processes, regular access reviews and privilege control • Operating and tuning information security tools, including: vulnerability scanners, IAM and access control systems, anti-phishing tools and security awareness platforms • Analyzing alerts and findings, including false positives, and driving remediation • Maintaining and updating asset and information security risk registers • Supporting incident response activities and post-incident analysis • Conducting and tracking Disaster Recovery (DRP) and Business Continuity (BCP) tests, ensuring identified gaps are addressed

• Own and drive new enterprise sales opportunities for AQtive Guard across North America. • Build and manage a strong pipeline using strategic account planning, MEDDPICC/Challenger methodologies, and value-based selling. • Develop and execute go-to-market strategies in partnership with marketing, sales engineering, customer success, and product teams. • Engage directly with CISOs, CIOs, CTOs, and other executive stakeholders to shape business cases, manage complex buying cycles, and drive large enterprise deals to close. • Represent SandboxAQ at industry events, executive dinners, and strategic customer briefings. • Provide critical field feedback to product, engineering, and leadership teams to refine roadmap and positioning. • As revenue grows, recruit, coach, and lead a high-performing North American sales team, including enterprise account executives and sales development resources. • Collaborate with global leadership to ensure consistency, forecasting accuracy, and alignment to revenue targets.

• Partner with customers to craft and execute strategies that drive deep integration of AQtive Guard within their infrastructure • Facilitate technical discussions and hands-on sessions to demonstrate best practices and ensure customers maximize their security ROI • Proactively identify and troubleshoot technical bottlenecks, collaborating with engineering to resolve high-stakes security issues • Coordinate between Sales, Product, and Engineering to ensure a seamless customer experience from implementation through expansion • Anticipate technical challenges, develop mitigation strategies, and drive best practices to optimize performance and security