• побудова та впровадження практик Secure SDLC у процеси розробки; • інтеграція SAST/DAST/SCA та інших security-сканерів у CI/CD пайплайни; • виявлення, аналіз та супровід усунення вразливостей у застосунках і залежностях; • автоматизація базових механізмів фішинг-захисту та security-контролів; • консультація інженерних команд щодо безпечного коду та практик безпеки; • проведення security-навчання та підвищення awareness команд; • участь у моніторингу та реагуванні на security-інциденти; • допомога у впровадженні підходів asset та risk management.

• Own detection engineering: SIEM use-cases, data pipelines, parsers, enrichment, and tuning to reduce false positives • Lead threat hunting and purple-team exercises; drive control improvements based on TTPs (ATT&CK) • Architect endpoint and email security baselines; optimize EDR/XDR policies and response automation • Implement and optimize Data Loss Prevention (DLP) technical controls and integrations in alignment with enterprise data protection requirements • Guide vulnerability management strategy (risk-based prioritization, exploitability analysis, compensating controls) • Design partner in network security architectures (micro-segmentation, firewall policies, NDR) and secure remote access (SASE/ZTNA) • Provide key insights for cloud workload protection (CSPM/CWPP/CIEM) and secure identity governance integrations • Perform root-cause analysis and forensics coordination, document findings and corrective actions • Mentor engineers; set coding and automation standards for security tooling and integrations • Drive technology selection, POCs, and reference implementations; maintain technical roadmaps • Track and improve detection quality metrics (e.g., false positives, coverage, MTTR) • Represent security in architecture boards and major program decisions • Develop and maintain security automation and response playbooks in partnership with SOC/MDR providers to improve detection and response efficiency • Familiarity with OT/ICS security considerations in manufacturing environments • Partner with SOC/MDR provider to continuously improve detection coverage and tuning

• Design, implement, and operate security controls primarily across Microsoft Azure environments • Lead design and implementation for cloud landing zones, identity, and network controls (VPC/VNet, security groups/NSGs, private endpoints) • Configure cloud-native security services (e.g., Microsoft Defender for Cloud, Microsoft Sentinel, Defender XDR) • Build posture management (CSPM) and workload protection (CWPP) with policy-as-code and automated remediation • Implement key management, encryption at rest/in transit, and certificate governance using KMS/Key Vault/Cloud KMS • Establish logging, telemetry, and alerting (Azure Monitor) integrated to SIEM/XDR • Work with key team members across IT and Security to test and validate total coverage / maturity of detection telemetry from cloud native sources • Determine architecture as needed to harden serverless containers, and managed services (Functions, Logic Apps, Container Apps, AKS, ACI) with baseline controls • Perform threat modeling and security reviews for cloud architectures and application designs • Partner with platform and product teams to deliver IaC guardrails, image baselines, and patch/vulnerability workflows • Respond to cloud incidents as a point of escalation; perform triage, containment, and post-incident improvements • Develop automation architecture where applicable to optimize cloud detection and response capabilities • Leverage automation and AI-assisted capabilities where appropriate to enhance cloud detection and response • Document standards and runbooks; conduct enablement sessions with dev and ops teams • Design partner in cloud security strategy and program maturity

• Design and maintain IAM security architecture: directory services, federation, SSO (SAML/OIDC), MFA, conditional access, device trust • Implement identity lifecycle automation (joiner/mover/leaver), birthright roles, and SCIM-based provisioning/deprovisioning • Define RBAC/ABAC models; perform access reviews, role mining, and segregation-of-duties analyses • Integrate identity governance platforms (where applicable) with HRIS/ERP and downstream applications • Engineer privileged access management (PAM) solutions (Examples: CyberArk/BeyondTrust) including JIT elevation and session recording • Secure service and machine identities, secrets, and certificates; enforce rotation and attestation • Develop identity security monitoring and anomaly detection (e.g., Identity Protection, risk-based access); integrate with SIEM/XDR for response • Support Zero Trust identity strategy, including strong authentication, device trust, and continuous access evaluation • Support compliance audits (where applicable) with access certification evidence and control narratives • Troubleshoot complex federation and authorization issues; provide tier-3 support and root-cause analysis • Document standards, patterns, and runbooks; advise application teams on secure integration