Role Description We are looking for an intermediate level security specialist to join our Global Cybersecurity Services Team. As part of our modern cybersecurity operating model, the role will be engaged in enhancing our security technology stack, building AI driven security automation workflows and contributing to security operations. We are building a modern, multi-cloud, intelligence driven security operations capability that will heavily involve AI and automation; and will require engineering and operational skills at all levels. Responsibilities: - Threat Monitoring Investigations: Deep dive into Tier 1 & Tier 2 security operations escalations, performing incident triage and root cause analysis. Proficient in performing investigations using open source and proprietary tools, including but not limited to - EPP/EDR/XDR software, Digital Forensics tools/software, SIEM platforms, etc. - AI & Automation: Contribute to building an agentic SOC by deploying AI-driven agents for autonomous threat reasoning and triage. Orchestrate automation workflows from initial detection to containment, utilizing custom scripts and SOAR playbooks to accelerate response times. - Vulnerability Management & Response: Lead rapid response initiatives for zero-day vulnerabilities by conducting technical impact assessments and validating compensating controls to minimize exposure. Engineer multi-layered detection opportunities across the security stack to identify exploitation attempts and bridge visibility gaps throughout the patching lifecycle. - Incident Response: Proficient in end-to-end Incident Response. Able to take the lead and provide guidance during investigations and incidents to pivot the investigation, drive containment, mitigation and other security outcomes. Proficient in cloud-native detection and CNAPP platforms. - Security Projects: Lead projects and initiatives that may involve - Cloud Security Posture Management (CSPM), Container Security, Native Cloud Security Enhancements (AWS, Azure, GCP), Runtime Vulnerability Management, Endpoint Security enhancements, Threat Hunting, Compromise Assessments, Network/Endpoint/Cloud security reviews, etc. Qualifications - 2-5 years of experience in Information Security, with technical hands-on experience in Security Operations, Security Engineering, Digital Forensics, Incident Response, Endpoint Security or Cloud Security. - Experience in AI-augmented software development using tools like Claude Code, Codex, and Gemini, with a deep understanding of LLM methodologies and integration workflows. - Working Experience with SIEM, EPP/EDR/XDR, SOAR, Cloud Security (CSPM, Container Security, etc), Digital Forensics software & tools. - Working experience with Cloud environments like AWS, Azure and GCP. - Experience in using scripting languages to automate tasks and manipulate data or programming experience. - Highly self-motivated, attention to detail and outcome driven. - Proficiency in verbal and written English. - On-call is required. Requirements - #Remote Benefits - We may use artificial intelligence tools to analyze the content of your Resume/CV against the specific requirements for the position. The purpose is to support our recruitment team in reviewing applications more effectively. - These tools assist our recruitment team in their evaluation of your application by providing recommendations, but they do not replace human judgment. - Final hiring decisions are ultimately made by humans who consider the insights generated by the tools along with other relevant information. - If you would like more details about how your personal information is processed, please contact us.

• Participating in internal projects to contribute to best practices and improve our methodology and quality of integrations • Ensuring customer success by focusing on best practice, helping develop a long-term web performance and security strategy • Partnering cross-functionally to review and ensure integration efficiency, deliver high quality service and ensure customer engagement • Collaborating with account teams to evaluate customer streaming architecture and deliver the best of class solutions

• Engineer secure solutions supporting Cyber Threat and Defensive Operations for DoD enclave environments. • Integrate, configure, and monitor Microsoft Defender for Cloud, Sentinel, Azure Policy, Azure Monitor, and Log Analytics. • Automate threat assessment, security reporting, and continuous monitoring workflows. • Develop and maintain Azure-based detections, dashboards, alerts, and automated response playbooks. • Perform and document technical security assessments to identify vulnerabilities and recommend mitigation strategies. • Implement and validate security controls and secure configurations in alignment with DoD, NIST, and organizational policies. • Support all phases of the RMF lifecycle, including control selection, implementation, assessment, authorization, and continuous monitoring. • Mitigate or correct security deficiencies identified during assessments, testing, or audits, and provide risk acceptance recommendations to the ISSM. • Analyze, assess, and report system and organizational security posture trends to the ISSM/ISSO. • Support audit preparation, artifact collection, and evidence validation for compliance activities. • Ensure security operations, configuration changes, and maintenance activities are properly documented and kept current. • Evaluate cybersecurity tools, compensating controls, and security technologies to ensure risk is reduced to acceptable levels, and report findings to the ISSM. • Assist the ISSM/ISSO in developing and maintaining RMF documentation, including System Security Plans (SSPs), security diagrams, control evidence, and ATO package materials. • Ensure security documentation and SSPs remain current and compliant with applicable DoD and program-specific policies. • Support incident response investigations by analyzing security logs, alerts, and system activity.

• This is a senior, hands-on role with intentionally broad scope. • Cloud infrastructure, security operations, and regulatory compliance are consolidated into a single function rather than distributed across a large team. • Design and maintain secure AWS cloud infrastructure using Terraform and Terragrunt, with a focus on IAM least-privilege, account isolation, and security guardrails across multiple AWS environments. • Manage AWS network security: VPC segmentation and design, Transit Gateway architecture, PrivateLink for service isolation, Network Firewall, and Route 53 Resolver for DNS security. • Manage and maintain Cloudflare infrastructure including DNS, WAF, and edge compute. • Architect and operate Cloudflare Zero Trust — including Access policies, Tunnel configuration for private network routing, Gateway egress filtering and DNS security policies, and WARP client deployment. • Manage and tune AWS-native security tooling: GuardDuty, Security Hub, Config, Inspector, CloudTrail, and WAF. • Integrate security controls into CI/CD pipelines (GitHub Actions) — including SAST, DAST, container image scanning, dependency vulnerability checks, and secrets detection. • Enhance container and workload security through image signing, admission controllers (Kyverno), runtime policies, and base image hygiene. • Manage dependency and patch lifecycle across Docker images, Helm charts, Terraform modules, and application packages. • Own and operate security monitoring and incident response: maintain SIEM/log aggregation pipelines, tune alerting for anomalous behavior and policy violations, lead root cause analysis, and document post-mortems. • Conduct and coordinate vulnerability assessments; track findings through to remediation. • Automate compliance checks and drift detection using infrastructure scanning and policy-as-code tooling. • Participate in on-call rotation to respond to security and infrastructure incidents. • Support SEC and FINRA compliance obligations by implementing and documenting technical controls, and partner with legal and compliance teams during audits and regulatory reviews. • Document infrastructure patterns, access controls, and security architecture for audit readiness.