• Execute hypothesis-driven threat hunts across AWS, identity, endpoint, and network telemetry, documenting findings and recommended control or detection improvements. • Build, tune, and maintain SIEM detections focused on high-risk behaviors such as IAM misuse, persistence, privilege escalation, and data access or exfiltration. • Reduce alert noise through structured tuning, baselining, and enrichment while preserving meaningful coverage. • Map detections and hunts to MITRE ATT&CK techniques to identify and close visibility gaps. • Support investigation and containment of security incidents, performing log analysis, scoping impact, and documenting findings. • Contribute to the development and refinement of incident response playbooks for common cloud and identity-based scenarios. • Produce clear after-action reports that identify root cause, control gaps, and prioritized remediation steps. • Participate in periodic tabletop or fire drill exercises to validate readiness and improve response coordination. • Participate in purple team exercises to validate detection effectiveness and help prioritize remediation of identified gaps. • Partner with offensive testing and engineering teams to translate findings into improved detections and hardened configurations. • Identify opportunities to strengthen logging, telemetry coverage, and control effectiveness across cloud and enterprise systems. • Develop lightweight automation and scripts to improve investigation speed, enrichment, and reporting consistency. • Maintain well-documented detection logic, hunt results, and response procedures to improve repeatability and team scalability. • Share threat insights and lessons learned with the broader security and engineering community through briefings or written updates.

• Monitor threats against Cisco executives and personnel via vendor intelligence feeds, law enforcement reports, and OSINT research, triaging and escalating based on an established risk matrix • Produce and deliver risk assessments and recommendations ahead of executive travel and perform active monitoring of intelligence feeds to mitigate travel disruptions and risks • Conduct security investigations and maintain awareness of persons of interest (POIs) and potential hostile actors • Draft recurring reports analyzing internal threat metrics, emerging security TTPs, and geopolitical, cyber, and physical threats that may impact leadership, assets, or operations • Contribute to ad-hoc advisories, presentations, and projects on executive security, internal risk, and travel risk management, collaborating with STO Global Security, Executive Protection teams, and partners • Coordinate with Cisco vendors, internal stakeholders, and public/private partners to refine tooling, configure intelligence feeds, and liaise on risk concerns • Provide on-site or remote intelligence support for corporate events, shareholder meetings, and high-profile engagements; assist with pre-event security planning

• Profile and analyze companies by collecting and processing their financials and preparing overviews of business, market, ownership and M&A track records • Develop integrated views on platform and add-on deal opportunities for leading private equity clients across Europe, with our technology supporting and enriching your insights • Support research initiatives and learn about specific niche sectors that we analyze on a weekly basis • Assist with research side projects (e.g. long lists)

• Lead criminal risk initiatives by sourcing, validating, and integrating multi-channel intelligence • Develop and maintain dynamic dashboards using tools such as Power BI or Tableau • Apply advanced analytics (predictive modeling, trend analysis) to uncover criminal risk patterns • Collaborate with law enforcement and industry partners to ensure intelligence sharing • Champion data integrity through rigorous mapping, cleansing, and validation processes • Leverage systems, tools, open-source and social media sites to support investigations • Present intelligence initiatives and dynamic dashboards to Investigation leadership