• Implement and sustain security controls aligned to CMMC Level 1/2, NIST SP 800-171, and CUI/ITAR requirements • Design and maintain PKI (Public Key Infrastructure) and certificate lifecycle • Implement and manage Identity & Access Management (IAM/IGA) solutions • Drive continuous compliance monitoring and maintain ongoing audit readiness • Support ITGC controls in alignment with established governance frameworks • Serve as the primary Level 3 escalation resource for complex infrastructure and security challenges • Mentor and provide technical guidance to junior engineers • Champion operational continuity and long-term infrastructure stability • Oversee patch management and vulnerability remediation programs • Manage Group Policy (GPO) design, implementation, and enforcement • Develop and maintain secure, standardized golden images • Apply CIS/NIST hardening baselines across systems and environments • Support secure lifecycle management from deployment through decommission • Support Active Directory / Azure AD (Entra ID) architecture, integrations, and governance • Administer Microsoft Intune for endpoint compliance and configuration management • Deploy and manage virtual machines and cloud services within Azure, including GCC High • Design, maintain, and optimize infrastructure across hybrid Azure environments

• Design and develop detection logic and security rules to identify threats, suspicious behaviors, and misconfigurations across SaaS applications. • Research SaaS platforms (e.g., Google Workspace, Microsoft 365, Salesforce, Slack, etc.) to understand security models, APIs, and potential attack surfaces. • Translate real-world attack techniques and SaaS security risks into scalable product capabilities, including detections, posture checks, and risk signals. • Contribute to both threat detection and posture management content, ensuring broad coverage across identity, access, integrations, and data exposure risks. • Analyze large-scale SaaS telemetry to identify patterns, anomalies, and opportunities for new detections or improvements. • Continuously improve detection quality by reducing false positives and ensuring signals are actionable for customers. • Collaborate with Engineering to productionize detection logic and ensure reliable execution at scale. • Partner with Product to shape how security insights are surfaced, prioritized, and explained to users. • Stay current on emerging SaaS attack techniques, identity threats, OAuth risks, and AI-related security considerations. • Contribute to internal knowledge sharing and help elevate SaaS security expertise across the organization.

• Implement and sustain security controls aligned to CMMC Level 1/2, NIST SP 800-171, and CUI/ITAR requirements • Design and maintain PKI (Public Key Infrastructure) and certificate lifecycle • Implement and manage Identity & Access Management (IAM/IGA) solutions • Drive continuous compliance monitoring and maintain ongoing audit readiness • Support ITGC controls in alignment with established governance frameworks • Serve as the primary Level 3 escalation resource for complex infrastructure and security challenges • Mentor and provide technical guidance to junior engineers • Champion operational continuity and long-term infrastructure stability • Oversee patch management and vulnerability remediation programs • Manage Group Policy (GPO) design, implementation, and enforcement • Develop and maintain secure, standardized golden images • Apply CIS/NIST hardening baselines across systems and environments • Support secure lifecycle management from deployment through decommission • Support Active Directory / Azure AD (Entra ID) architecture, integrations, and governance • Administer Microsoft Intune for endpoint compliance and configuration management • Deploy and manage virtual machines and cloud services within Azure, including GCC High • Design, maintain, and optimize infrastructure across hybrid Azure environments

• Implement and maintain AWS security configurations across development, staging, and production environments • Apply IAM best practices, including least-privilege access and role-based access controls • Configure and monitor AWS-native security services such as CloudTrail, GuardDuty, Security Hub, AWS Config, and Macie • Participate in cloud security reviews for new and existing services • Support security best practices in infrastructure-as-code (Terraform, AWS CDK) and CI/CD pipelines • Help maintain cloud security baselines aligned to CIS Benchmarks and AWS Well-Architected Framework • Contribute to secure Software Development Lifecycle (SDLC) practices, including shift-left security efforts • Participate in threat modeling and security design reviews • Operate SAST, DAST, and SCA tools integrated into CI/CD pipelines (e.g., Snyk, Checkmarx, Veracode, Semgrep) • Partner with engineering teams to remediate vulnerabilities and improve secure coding practices • Support development and maintenance of secure coding guidelines • Assist in vulnerability identification, triage, and remediation tracking across infrastructure and applications • Support internal and external penetration testing activities • Help track and report on vulnerability metrics and remediation progress • Support compliance efforts such as SOC 2 Type II and ISO 27001 audits • Collaborate with team members to improve security processes and documentation • Contribute to security runbooks and incident response procedures