• Assess information security risks in line with internal policy and external best practices. • Support security of information and IT assets by testing security systems and applying security standards, policies, and procedures. • Manage third-party providers to ensure adherence to standards. • Provide information security training to appropriate teams. • Lead incident triage and mitigation, providing expert-level analysis. • Coordinate with internal stakeholders, mentor junior analysts, and provide technical direction. • Communicate technical issues effectively with both technical and non-technical stakeholders. • Submit and manage incident tickets within existing ticketing systems. • Conduct live response activities on managed endpoints within the scope of permitted access. • Deliver technical training sessions to enhance organizational security awareness.

• Lead and oversee day-to-day SOC operations, ensuring effective alert triage, escalation, and incident response • Serve as a senior escalation point for SOC Analysts during complex or high-impact security events • Ensure adherence to established SOPs, policies, escalation paths, and forensic procedures • Monitor SOC performance, identify operational gaps, and recommend process improvements • Provide guidance, mentorship, and operational direction to SOC Analysts • Own and manage SOC-related projects, including scope definition, execution, and delivery • Prepare, review, and own SOC project Statements of Work (SOWs) • Act as the primary client contact during SOC projects and security incidents • Drive consistent, proactive communication with clients throughout incidents and post-incident reviews • Translate technical findings into clear, executive-level and IT-level communications • Oversee configuration and tuning of alerts across SIEM, EDR/XDR, identity protection, network monitoring, and related tools • Review and validate security events to determine legitimacy and impact • Lead incident response activities through containment, remediation, and closure • Ensure all incidents, findings, and actions are accurately documented and archived • Analyze recurring attack patterns and threat trends; provide security awareness insights to clients and internal teams • Review and track MITRE ATT&CK tactics relevant to client industries • Provide feedback to improve SOC playbooks, detection rules, workflows, and automations • Collaborate with cross-functional teams to enhance overall security posture • Partner with BlueAngle leadership to evolve and enhance SOC offerings and services

• Direct the functions, processes, and operations of the security operations team SOC and ensure policies and procedures are followed. • Lead the security operations team to ensure optimal identification / resolution of security incidents and enhance security. • Ensure SLA compliances, process adherence, process improvement to meet operational objectives. • Manage the collection, documentation and research of security incidents and investigations. • Provide Senior Management with a realistic overview of risks and threats in the Marqeta environment. • Continuous development and maintenance of the incident response management program which includes incident detection, analysis, containment, eradication, recovery and chain of evidence / forensic artifacts. • Ability to work directly with all levels of Marqeta employees (Executive, Senior management, SMEs.) • Create and maintain reports, dashboards, and metrics of security operations for regular reporting and presentation to management. • Manage the process improvement program for security operations processes. • Conduct scheduled and ad hoc training exercises to ensure staff are current with the latest threats and incident response techniques. • Provide direction, leadership and management of security operations personnel. • Create a high-performing team culture where team members are supported, standards are consistently upheld, people are treated with respect, and everyone feels a sense of belonging. • Manage cross-functional response with Fraud and Risk for cyberfraud activities • Lead best practices for detection engineering lifecycles collaboratively with the detection engineering team, ensuring high quality metrics around alert quality and optimization • Lead development of security playbooks for incident response and collaborate on security automation strategy with detection engineering • Develop and maintain modern threat intelligence program • Leverage modern AI/ML tools as a force multiplier

• Serve as a primary responder for AFC customer systems, taking ownership of client configuration issues and tracking through resolution. • Act as a point of escalation for junior level Engineers and provide guidance and mentoring. • Advise best practice on SIEM/MDR/SOAR products to both technical and relatively non-technical personnel. • Provide remote consulting services via interactive client sessions to assist with implementation of multiple product vendors and technologies. • Implement and configure SIEM/MDR/SOAR software and appliance-based products in large enterprise and Government environments. • Develop and maintain security content and reporting. • Perform knowledge transfers to clients regarding security and system configuration awareness.