Role Description At Ten, we are looking for a Lifestyle Manager to deliver exceptional concierge services to our members across multiple channels. You will use your customer service skills to handle requests such as: - Restaurant reservations - Ticket quotations and purchases - Travel bookings - Leveraging internal systems, research tools, and supplier partnerships As a Concierge Telefonico, your main responsibility will be to provide outstanding online customer service—efficiently and promptly resolving requests via phone, email, or chat. You will also support your manager with basic activities, participate in team meetings, and engage in training and self-development opportunities. This is a permanent position, exclusively on the overnight shift. Qualifications - Currently attending undergraduate studies or completed high school - Intermediate English (B1–B2), both written and spoken - Experience in customer service or working with the public - Availability to work an overnight shift - Proficiency in Microsoft Office suite - Desirable: experience abroad (exchange programs) - Desirable: at least 1 year of experience in travel agency, concierge, hospitality, or tourism Requirements - Respond to customer requests via phone, email, and chat, meeting response time targets - Resolve requests online whenever possible, ensuring efficiency and accuracy - Contact external suppliers and brokers to arrange services on behalf of customers - Clearly communicate supplier terms and conditions to customers before transactions - Provide occasional support in leadership activities when required - Assist with simple requests from customers in other Ten Global offices - Participate in internal meetings and training sessions (feedback, quarterly evaluations, project updates) - Engage in self-development through courses, languages, travel, or Ten’s e-learning platform - Fully explore and understand each client’s requests, using concierge expertise to propose suitable options Benefits - Opportunity to gain experience in a global concierge environment - Training and development through Ten Learning tools - Exposure to international clients and suppliers - A dynamic and supportive team culture

• Own the operation of our GRC platform and ensure evidence, controls, and risks are tracked and updated • Support internal and external audits (PCI, SOC 1 and 2, BCB 85/21), control testing, and remediation tracking • Map risks, define controls, and partner with teams across Cybersecurity, Engineering, Product, and Legal • Participate in the evolution of our automated bots that streamline GRC • Explore opportunities to automate and integrate GRC workflows using APIs, scripts, or AI tools

Role Description The Senior Cyber Security Engineer is a hands-on technical leader responsible for designing, building, and owning Virtuoso’s security infrastructure in a cloud-first environment anchored in Microsoft Azure. This role moves well beyond monitoring and reporting — the engineer architects Zero Trust security controls, drives DevSecOps adoption across engineering teams, and owns the full lifecycle of security tooling from evaluation through production. The Sr. Cybersecurity Engineer leads vulnerability management, incident response capabilities, and SIEM/SOAR operations, while maintaining ISO 27001 and PCI-DSS compliance programs and delivering executive-level security intelligence to leadership. This individual is the primary technical authority for protecting Virtuoso’s data, systems, and cloud workloads — a builder who makes the environment demonstrably more secure every quarter. Essential Duties and Responsibilities - Cloud Security Architecture & Engineering - Design and architect security controls across Virtuoso’s Azure-primary cloud environment, including network segmentation, encryption standards, and identity boundaries. - Architect and implement Zero Trust security principles across cloud, hybrid, and SaaS environments. - Own Microsoft Defender for Cloud and Azure Policy configurations — design guardrails, enforce compliance baselines, and remediate posture findings. - Design and implement Azure Firewall rules, network security groups, and Cato Networks SASE policies. - SIEM / SOAR & Incident Response - Architect, implement, and continuously improve Virtuoso’s SIEM/SOAR platform — own analytics rules, playbooks, workbooks, and data connector onboarding. - Design and lead incident response capabilities: build runbooks, lead tabletop exercises, and drive post-incident reviews that produce measurable hardening. - Operate and tune endpoint detection and response (EDR) platforms; investigate and contain endpoint threats with full ownership through closure. - Vulnerability Management & Threat Intelligence - Own the enterprise vulnerability management program end-to-end: tooling selection, scan cadence, automation of remediation tracking, and SLA enforcement with asset owners. - Lead the threat intelligence program — ingest, analyze, and operationalize threat feeds into detection rules and preventive controls. - Conduct and coordinate penetration testing activities; translate findings into prioritized engineering remediation plans. - Identity & Access Management Security - Own identity security in Microsoft Entra ID (Azure AD): design Conditional Access policies, Privileged Identity Management (PIM) workflows, and enforce least-privilege across the environment. - Define and enforce authentication standards (MFA, phishing-resistant authenticators, passwordless) across all workforce and privileged accounts. - DevSecOps & Security Automation - Lead DevSecOps integration — embed automated security gates (SAST, DAST, SCA, secrets scanning) into Azure DevOps and GitHub Actions CI/CD pipelines. - Build and maintain security automation using PowerShell, Python, and Azure-native tools (Logic Apps, Azure Functions) to reduce manual effort and accelerate response. - Own Infrastructure as Code (Terraform, Bicep, ARM templates) security practices — design secure templates and enforce policy-as-code. - Compliance, Audit & Data Platform Security - Support ISO 27001 and PCI-DSS compliance programs — maintain control documentation, manage evidence collection, and lead internal audit cycles without external handholding. - Support GDPR and CPRA compliance requirements, translating regulatory obligations into technical controls. - Design and maintain security monitoring, access controls, and data masking configurations for the Snowflake data platform. - Evaluate, implement, and own security tooling decisions; manage vendor relationships and license optimization for the security stack. - Reporting & Community Engagement - Produce executive-level security metrics, dashboards, and risk reports that translate technical posture into business-relevant language for leadership and the board. - Engage with the security community through threat intelligence sharing, industry groups, and continuous learning; bring external insights back to improve Virtuoso’s defenses. Qualifications - 5–7 years of progressive cybersecurity experience with demonstrated ownership of engineering-level deliverables (not just monitoring or support functions). - Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field — or equivalent practical experience with professional certifications. - Proven track record of designing and shipping security capabilities in cloud environments, not solely operating inherited tooling. Requirements - AZ-500 — Microsoft Azure Security Engineer Associate (Highly Preferred): Directly validates the Azure-native security engineering skills central to this role. - CISSP — Certified Information Systems Security Professional: Validates breadth of security knowledge and engineering-level thinking across domains. - CCSP — Certified Cloud Security Professional: Validates cloud security architecture knowledge essential for a cloud-first environment. - OSCP — Offensive Security Certified Professional: Demonstrates hands-on penetration testing capability and attacker mindset. - CompTIA Security+ / PenTest+: Accepted as a foundational certification for candidates building toward CISSP or OSCP. Benefits - Competitive salary and full benefits package, including medical/dental/vision/life. - 401(k) savings plan. - Equal opportunity employer, dedicated to promoting a diverse workforce. Travel Requirements - Occasional travel (up to 10%) may be required for vendor meetings, security conferences, or audit activities. - Travel will be primarily domestic but may include some international. Type/Nature of Contacts - External: Regular contact with security vendors and managed service providers, PCI-DSS QSA auditors and ISO 27001 certification body, and threat intelligence sharing communities and industry groups. - Internal: Key job contacts include both clerical, technical staff and managers within the job’s immediate work unit/department, as well as regular cross-departmental work.

• Develop detections and other analytics to identify threats across cloud, corporate, and edge environments • Lead security investigations and perform deep-dive analysis across complex log sources and telemetry to identify root causes • Research, evaluate, implement, and maintain a variety of custom and commercial security tools, such as EDR, SOAR, and SIEM • Build custom tooling and automations to improve the detection lifecycle and security incident response • Develop and maintain incident response playbooks and other detection and response documentation • Conduct threat hunts to discover unknown malicious activity across our environment • Participate in our on-call rotations