Data-Driven Networking
Security Operations Center (SOC) Analyst
Location: Poland
Posted: 66 days ago
Seniority: Mid Level
Job Description
Arista Networks
Company Description
Arista Networks is an industry leader in data-driven, client-to-cloud networking for large data center, campus and routing environments. What sets us apart is our relentless pursuit of innovation. We leverage the latest advancements in cloud computing, artificial intelligence, and software-defined networking to provide our clients with a competitive edge in an increasingly interconnected world. Our solutions are designed to not only meet the current demands of the digital landscape but to also anticipate and adapt to future challenges.

At Arista we value the diversity of thought and perspectives that each employee brings to the table. We believe that fostering an inclusive environment, where individuals from various backgrounds and experiences feel welcome, is essential for driving creativity and innovation. Our commitment to excellence has earned us several prestigious awards, such as Best Engineering Team, Best Company for Diversity, Compensation, and Work-Life Balance. At Arista, we take pride in our track record of success and strive to maintain the highest standards of quality and performance in everything we do.

Job Description

Who You’ll Work With
We are seeking a highly motivated and proactive Security Operations Center (SOC) Analyst to join our dynamic, remote cybersecurity team. The ideal candidate is a critical thinker, self-starter, and driven professional with hands-on experience using CrowdStrike or other EDRs. You will play a critical role in monitoring, triaging, and responding to cyber threats across our primarily Mac and Linux environments, with some Windows systems. You will work closely with a collaborative team of fellow SOC analysts, incident responders, threat hunters, and cross-functional partners across IT, engineering, and DevOps to ensure our security posture remains strong. We’re looking for someone who takes ownership, excels in high-pressure settings, and is skilled in writing CrowdStrike Query Language (CQL) (or similar) to create effective detections that protect our organization’s assets.

What You’ll Do
- Monitor and triage security alerts.
- Build, test, and refine detections to enhance threat identification across Mac, Linux, and Windows systems.
- Conduct in-depth analysis of security incidents, including malware, phishing, and advanced persistent threats, leveraging SIEM and EDR capabilities.
- Perform proactive threat hunting using the SIEM and EDR features.
- Investigate and respond to incidents swiftly, following established incident response protocols.
- Document findings clearly and provide actionable remediation recommendations.
- Collaborate with cross-functional teams to strengthen security controls and mitigate vulnerabilities.
- Stay current on emerging threats, vulnerabilities, and industry trends through self-directed learning.
- Participate in on-call rotation for 24x7x365 SOC coverage, demonstrating reliability and accountability.
- Escalate confirmed or suspicious incidents and cases to the Incident Response team.

Qualifications
- 4-5+ years in a SOC and/or active participant on incident response teams.
- Hands-on experience with CrowdStrike (or other EDR), triaging security incidents.
- Proven ability to write CQL (or similar) queries and build detections for threat monitoring.
- Experience triaging alerts in a high-volume environment.
- Experience with threat intelligence feeds, platform and OSINT tools (VirusTotal, etc.)
- Familiarity with forensic analysis and evidence handling.

Skills and Attributes:
- Exceptional critical thinking and analytical skills to address complex security challenges.
- Self-starter with a proven ability to take initiative and deliver results independently.
- Driven mindset, thriving in fast-paced, high-pressure remote work environments.
- Strong understanding of cybersecurity principles, threat landscapes, and attack vectors.
- Proficiency in analyzing logs, network traffic, and endpoint data using CrowdStrike Next-Gen SIEM, particularly for Mac and Linux systems (Windows experience a plus).
- Solid knowledge of incident response processes and methodologies.
- Familiarity with operating systems, with primary expertise in Mac and Linux, and secondary knowledge of Windows.
- High attention to detail and ability to make sound decisions under pressure.
- Demonstrated commitment to continuous learning and professional development in cybersecurity.

Nice-to-Have:
- Write and optimize detections to detect and investigate security events.
- Proficiency in scripting (e.g., Python) for automating SOC workflows.
- Experience creating playbooks in CrowdStrike Fusion SOAR (or similar SOAR)
- Knowledge of cloud security (GCP, AWS, and/or Azure).
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience).

Additional Information
Arista stands out as an engineering-centric company. Our leadership, including founders and engineering managers, are all engineers who understand sound software engineering principles and the importance of doing things right. We hire globally into our diverse team. At Arista, engineers have complete ownership of their projects. Our management structure is flat and streamlined, and software engineering is led by those who understand it best. We prioritize the development and utilization of test automation tools. Our engineers have access to every part of the company, providing opportunities to work across various domains. Arista is headquartered in Santa Clara, California, with development offices in Australia, Canada, India, Ireland, and the US. We consider all our R&D centers equal in stature. Join us to shape the future of networking and be part of a culture that values invention, quality, respect, and fun.
More Security Operations Jobs
Specialist, Infrastructure Operations
Allianz
Allianz is a financial services company that provides insurance and finance products and services to over 85 million customers. Through its network of businesse

Title: Specialist-Infrastructure Operations_D-2318
Location: India United States

Job Description:
Tools Proficiency: Expertise in common tools such as ServiceNow, Jira, Confluence, SAP Office365 Services, Active Directory, Entra-ID, NetIQ Identity Manager, One Identity Manager, CIS
Security Standards and Practices: Understanding of security frameworks like ISO 27001, NIST, and best practices for network security as well as GISF
Lifecycle Management: Knowledge of HR lifecycle management and end-of-life processes.
Collaboration: Strong interpersonal skills to work effectively with international teams and stakeholders. Supportive Attitude. Stakeholder Engagement.
Communication Skills (English): Ability to communicate technical information clearly and understandably, both in writing and verbally.
Cultural Awareness: Sensitivity to work in a diverse and multicultural environment.

Qualifications
- Bachelor's degree in Computer Science, Information Security, or a related field. Master's degree preferred.
- Minimum of 5 years of experience in Identity and Access Management.

Your benefits:
- We offer a hybrid work model which recognizes the value of striking a balance between in-person collaboration and remote working incl. up to 25 days per year working from abroad
- We believe in rewarding performance and our compensation and benefits package includes a company bonus scheme, pension, employee shares program and multiple employee discounts (details vary by location)
- From career development and digital learning programs to international career mobility, we offer lifelong learning for our employees worldwide and an environment where innovation, delivery and empowerment are fostered
- Flexible working, health and wellbeing offers (including healthcare and parental leave benefits) support to balance family and career and help our people return from career breaks with experience that nothing else can teach

About Allianz Technology
Allianz Technology is the global IT service provider for Allianz and delivers IT solutions that drive the digitalization of the Group. With more than 11,000 employees located in 20 countries around the globe, Allianz Technology works together with other Allianz entities in pioneering the digitalization of the financial services industry. We oversee the full digitalization spectrum - from one of the industry's largest IT infrastructure projects that includes data centers, networking and security, to application platforms that span from workplace services to digital interaction. In short, we deliver full-scale, end-to-end IT solutions for Allianz in the digital age.

D&I statement
Allianz Technology is proud to be an equal opportunity employer encouraging diversity in the working environment. We are interested in your strengths and experience. We welcome all applications from all people regardless of gender identity and/or expression, sexual orientation, race or ethnicity, age, nationality, religion, disability, or philosophy of life.
Analyst, Security Operations Center
Brightspeed
Bringing a fast, reliable internet service to homes and businesses across rural and suburban America.

• Manage event and information intake to include intelligence reports
• Monitor ticket queues
• Investigate reported incidents
• Interact with other security and infrastructure groups as necessary
• Review incidents to assess their urgency and escalate incidents if necessary
• Triage alerts
• Correlate and analyze events and data to determine the scope of cyber security incidents
• Recognize attacker tactics, techniques, and procedures as potential indicators of compromise (IOCs)
• Assist in tuning SIEM and IDS alerting to reduce false positives, improve productivity, and improve detection capabilities
• Develop automation playbooks
• Provide prescriptive remediation guidance to IT and network teams
• Document incident responses with the detailed root cause and recommendations
• Provide 24x7 (on-call) support
• Monitor and manage/support all event sources, Endpoint Protection Systems (EDR/XDR), and other security tools to monitor and manage security incidents
• Participate in organizational projects, as required
• Ticket & Ticket Management
Network Security Monitoring Analyst
Accenture Federal Services
We believe in the power of change, harnessed in ways that matter for our country and communities.

• Actively monitor SIEM, IDS/IPS, EDR, firewalls, and other security systems for suspicious activity
• Triage and analyze security alerts, identifying true threats vs. false positives
• Support incident response activities including triage, containment, eradication, and recovery
• Analyze security logs and correlate events across multiple sources
• Integrate threat intelligence into monitoring workflows and incident investigations
• Document incident details, timelines, and actions taken
• Assist in tuning, configuring, and maintaining security tools
• Support compliance initiatives aligned to NIST, FISMA, and internal policies
• Collaborate with SOC team members, incident responders, and IT operations
• Maintain awareness of emerging cyber threats, vulnerabilities, and security practices
Intern - Security Operations
MQ Referrals Only
Marqeta is a Flex First company which allows you to choose your best working environment, whether that be from home or at a company office. To support Flex First, we calibrate pay to a competitive value according to working location. Compensation is aligned according to three tiers within the United States:
- National: A baseline tier that applies to most of the geographic territory of the United States.
- Premium: Slightly elevated from the National tier, and oriented toward a narrower set of higher cost-of-living areas, such as Los Angeles CA and Seattle WA.
- Premium Plus: A tier for the most expensive working areas, like the San Francisco Bay area and New York City.
When determining salaries, we consider several factors including, but not limited to, skills, prior experience, and work location.

As Marqeta’s Security Operations Intern, you will gain hands-on experience building and validating security operations capabilities for a publicly traded payments technology company. You’ll join the Security Operations and Response team within the Product and Infrastructure Security organization, where you’ll validate and formalize incident response procedures, develop SOAR-based runbook automations, and design tabletop exercises that test our operational readiness against real-world threat scenarios. This role is grounded in security operations fundamentals—procedure development, incident response methodology, and team coordination—with opportunities for exposure to detection engineering and automation workflows.

We work Flexible First. This role can be performed remotely anywhere within Ontario or British Columbia, Canada. We’d love for you to join us! This will be a 12 week internship program, beginning on June 8th and running through August 28th, 2026. This position is not for an existing vacancy.

The Impact You’ll Have
- Validate and formalize incident response procedures aligned to Marqeta’s Cybersecurity Incident Response Plan (CIRP), ensuring documentation is accurate, current, and actionable for both human operators and AI-assisted workflows
- Develop SOAR runbook automations in Cortex XSOAR that operationalize validated procedures, translating human-readable response steps into repeatable, automated workflows
- Design and facilitate a series of tabletop exercises within the Security organization that test procedure effectiveness, team coordination, and escalation paths across security functions including Security Operations, Compliance/TPRM, and Identity
- Contribute to post-exercise improvement reports that drive measurable enhancements to Marqeta’s security posture and operational readiness
- Gain exposure to detection engineering and automation workflows, including opportunities to observe and contribute to the team’s detections-as-code pipeline and MITRE ATT&CK coverage mapping

Who You Are
- Currently pursuing a Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Information Systems, or a related field, with an expected graduation date between December 2025 and June 2027
- Foundational knowledge of security operations concepts including log analysis, intrusion detection, incident response lifecycles (NIST or similar), and common attack techniques
- Familiarity with at least one scripting or programming language (Python, Bash, or similar) and comfort working in Linux and cloud environments (AWS preferred)
- Strong written communication skills with the ability to translate technical processes into clear, structured documentation suitable for both operational use and executive audiences
- Interest in incident response methodology, security procedure development, and operational readiness—you care about how security teams actually execute under pressure
- A proactive, detail-oriented approach to problem-solving with the ability to work independently while knowing when to escalate or ask for guidance

Nice-To-Haves
- Relevant certifications or coursework such as CompTIA Security+, CySA+, BTL1, or GIAC certifications
- Experience with SOAR platforms (Cortex XSOAR, Tines, or similar), SIEM platforms, or EDR tools
- Prior internship, co-op, or project experience in a security operations center (SOC) or incident response context
- Understanding of or interest in the MITRE ATT&CK framework and how it applies to detection and response operations
- Exposure to compliance frameworks relevant to financial services such as PCI DSS
- Experience facilitating exercises, workshops, or structured reviews in any context

Typical Process
- Application Submission
- Recruiter Video Call
- Hiring Manager Video Call
- Final Round consisting of 1-2, 45-60 min calls
- Offer!

At this point, we hope you're feeling excited about the role. You're encouraged to apply even if your experience doesn't precisely match the job description. Your skills and passion will stand out—and set you apart—especially if your career has taken some extraordinary twists and turns. We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so again, don’t hesitate to apply — we’d love to hear from you.

Compensation and Benefits
Marqeta is a Flex First company which allows you to choose your best working environment, whether that be from home or at a company office. To support Flex First, we calibrate pay to a competitive value according to working location. When determining pay, we consider several factors including, but not limited to, skills, prior experience, and work location.

The 2026 Internship weekly rate, reflected in CAD, is: 1,468/week

Along with monetary compensation, Marqeta offers Interns:
- 3 Vacation Days
- A Remote, Flex First Environment
- A Mentor and Intern Buddy
- Real Life Projects



