• Design and build shared libraries, platform guardrails, and internal tools that make the secure path the easy path for engineers • Review architecture, technical designs, and production code for security issues in product and platform systems • Perform pragmatic threat modeling for new features, workflows, services, and integrations • Improve core security patterns across the stack, including authentication, authorization, secrets handling, secure logging/redaction, auditability, and sensitive-data protections • Build or improve developer-facing security automation in CI/CD and local workflows, including code scanning, dependency policy, secret detection, and infrastructure checks, with a bias toward low-noise, high-signal results • Work directly with engineers to remediate vulnerabilities in code and design, focusing on durable fixes and reusable patterns rather than one-off tickets • Help define and evolve a lightweight secure SDLC that fits a fast-moving startup environment • Contribute to incident analysis and postmortems when product or platform security issues arise • Write clear documentation, examples, and decision records that help teams build securely without unnecessary friction

• Collaborate with IT, SRE and Software engineering teams to define and implement security best practices across Serve’s cloud infrastructure (AWS/GCP). • Develop and support internal security risk assessment processes as part of Serve’s software and system lifecycle and third party vendor acquisitions. • Develop, maintain, and improve automation tools for secure configuration management and continuous monitoring (e.g., runtime security, image scanning, IAM policy enforcement). • Design and deploy infrastructure and application security controls to protect critical information systems. • Design and deploy endpoint security measures to protect IT managed devices. • Design and implement IT infrastructure hardening requirements for on-premise network infrastructure: firewalls, switches, and on-premise storage etc. • Research and monitor threats and vulnerabilities, perform impact assessments and drive remediation actions partnering with engineering teams. • Participate in the triage, investigation, and resolution of security incidents. • Participate in the Security team on-call rotation.

• Reporting to the General Counsel this position provides strategic and operational legal support across legal issues in cybersecurity, data privacy, artificial intelligence, and data governance. • Develop, implement, and maintain the organization's comprehensive data governance and security, privacy and compliance frameworks and policies. • Serve as the Privacy Officer and primary legal and operational authority on HIPAA, including Privacy Rule and Security Rule requirements. • Ensure adherence to global, federal, state and emerging privacy laws (GDPR, CPRA, etc.), as applicable. • Advise executive leadership on cybersecurity risk, mitigation, data governance, and regulatory obligations. • Lead internal audits, risk assessments, and incident response planning. • Manage relationships with outside counsel, regulators, and third-party vendors on compliance matters. • Educate staff on data handling, privacy practices, and security threats. Organize and oversee employee training programs on data privacy, security protocols, and HIPAA obligations. • Monitor evolving federal and state data privacy legislation and assess organizational impact. • Draft and enforce internal data security policies, procedures, and Business Associate Agreements (BAAs). • Represent the organization in regulatory investigations or breach notification proceedings, remediation efforts, and regulatory notifications.

• Strategic development of the Hamburg, Ruhr area, Rhineland and Leipzig regions • Position pco as an MSP and MSSP • Identify target customers and manage the full sales cycle – from initial contact to closing • Develop solutions combining Modern Infrastructure, Cyber Security, Cloud Services and Managed Services in collaboration with Consulting and Presales • Continuously build and actively manage a robust pipeline • Increase pco's visibility through client meetings, relationship building and on-site presence • Actively contribute ideas to open up new customer segments