• Engineer secure-by-default endpoint baselines for macOS and Windows Endpoints, including encryption, firewall, application controls, device compliance, and configuration standards. • Automate and scale identity and access controls in Entra ID and Google Workspace (SSO, SCIM, conditional access, privileged access workflows, access reviews, joiner/mover/leaver). • Codify security controls as code (Terraform/configuration profiles/policy-as-code), with peer review, change history, testing/rollback, and measurable outcomes. • Build and maintain automations and integrations (e.g., n8n/SlackOps/APIs/scripts) that reduce manual access grants, speed up control changes, and eliminate repetitive workflows. • Harden SaaS and collaboration platforms by reducing unmanaged apps and enforcing strong authentication, least privilege, sharing controls, and data protection guardrails. • Improve visibility and detection by ensuring logging coverage and telemetry for endpoint, identity, and key SaaS applications (e.g., Defender/Sentinel and vendor logs where relevant). • Drive vulnerability and configuration drift reduction through patch compliance targets, remediation pipelines, and reporting that leadership can act on. • Partner with compliance and risk stakeholders to produce evidence, document controls, and operationalize requirements without creating brittle, manual processes. • Participate in an on-call rotation (every ~3 weeks) for escalations related to identity, endpoint security, and critical enterprise systems.

• Advise senior executives on security strategy, modernization pathways, and multi‑year roadmaps that translate risk reduction into business value. • Distill complex security concepts into outcomes and decisions that resonate with C‑suite and senior leadership. • Lead recurring executive touchpoints—program reviews, steering committees, and health checks—to keep initiatives aligned and accountable. • Drive engagement momentum by removing roadblocks, orchestrating stakeholders, and ensuring planned outcomes are achieved. • Lead multi‑workstream, enterprise‑scale network security transformations—spanning architectures, migrations, and modernization programs—with an unwavering focus on quality. • Delegate workstreams to qualified team members enabling scale of delivery. • Provide hands-on technical guidance developing team capability. • Architect secure network designs that enable Zero Trust, micro‑segmentation, secure remote access (VPN/ZTNA), cloud perimeters, and resilient data center security fabrics. • Establish standards, reusable patterns, and delivery frameworks to drive consistency and scale across the practice. • Review and approve technical deliverables to ensure alignment with client standards, regulatory frameworks, and best practices. • Partner closely with account teams on strategic security campaigns—assisting with presales activities such as scoping, and solution strategy to win and expand business. • Identify and close follow‑on services within existing accounts through credibility, relationships, and demonstrable impact. • Contribute proactive pipeline insights and opportunity identification to support accurate forecasting. • Develop methodologies, tooling, and processes that improve the efficiency and repeatability of our Network Security practice. • Produce thought leadership—whitepapers, blogs, reference architectures, conference presentations—and represent AHEAD in public forums. • Support talent acquisition, interviewing, and onboarding of senior network security engineers; mentor and elevate the team.

• Drive the organization's defensive security capabilities across detection engineering, security orchestration, automation, and response (SOAR) • Co-lead the organization's threat hunting program • Integrate new threat intelligence into high-fidelity detections • Automate incident response processes to maximize team efficiency and response speed • Collaborate closely with the SOC Manager to co-lead threat hunting initiatives • Partner with cross-functional security teams to build and scale security operations capabilities

• Serve as the primary security point of contact and trusted advisor for a portfolio of strategic enterprise customers. • Build deep relationships with customer security, engineering, and leadership teams. • Provide tailored security recommendations aligned to each customer’s infrastructure. • Act as the voice of the customer internally, advocating for customer needs. • Collaborate cross-functionally to drive resolution of complex security issues. • Identify opportunities to improve customer experience and team efficiency. • Design and deliver security workshops, technical deep dives, and enablement sessions. • Contribute to internal initiatives such as professional services engagements. • Coach and mentor junior team members.