Role Description Our client is seeking a motivated Junior Identity Security Metrics Consultant & Databricks Analyst to support enterprise identity security initiatives and data analytics efforts across modern identity and cloud platforms. The ideal candidate will assist in generating “metrics-that-matter” within identity ecosystems such as Okta and Ping while leveraging Databricks to extract, analyze, and report on operational and security-related data. This role requires a blend of identity security knowledge, analytical thinking, and data storytelling capabilities. The candidate will work closely with technical and business stakeholders to develop meaningful security metrics, support identity-related implementations, and create executive-level reporting that enhances visibility into authentication, access management, and enterprise security posture. The position demands strong communication skills, attention to detail, and the ability to collaborate across multiple functional teams in support of mission-critical identity and analytics initiatives. Responsibilities - Support identity security initiatives by developing and maintaining meaningful security metrics and reporting capabilities across enterprise identity platforms such as Okta and Ping. - Extract, analyze, and generate reports from Databricks environments to support operational insights, security initiatives, and data-driven decision-making. - Assist with leveraging artificial intelligence and machine learning (AI/ML) capabilities to improve fraud detection, identity authentication processes, and enterprise data quality initiatives. - Prepare presentations, dashboards, and executive briefings that effectively communicate trends, risks, and insights through storytelling with data. - Provide support for technical implementations related to identity and access management tools, including configuration, reporting, and data integration activities. - Validate data accuracy and integrity across identity systems and analytics platforms while identifying inconsistencies, reporting gaps, or data anomalies. - Work collaboratively with cross-functional teams, project stakeholders, and leadership to support identity security modernization efforts and analytics initiatives. - Maintain documentation, reports, and operational procedures related to identity metrics, analytics processes, implementation activities, and reporting standards. Qualifications - 1+ years of experience supporting identity security, data analytics, Databricks analysis, or related technical consulting initiatives in enterprise environments. - Experience supporting identity and access management (IAM) tools and platforms such as Okta, Ping, SailPoint, or similar enterprise identity technologies. - Hands-on experience using Databricks or similar analytics platforms for data extraction, reporting, dashboard creation, and operational analysis. - Familiarity with artificial intelligence and machine learning (AI/ML) concepts related to fraud detection, authentication analysis, anomaly detection, and enterprise data quality improvement. - Experience supporting technical implementations, integrations, reporting activities, or platform configuration related to identity security or analytics environments. - Ability to develop executive briefings, dashboards, presentations, and data-driven reporting materials for technical and non-technical stakeholders. - Strong verbal and written communication skills with the ability to collaborate effectively across multiple functional groups, leadership teams, and project stakeholders. - Bachelor’s degree in Computer Science, Engineering, Management Information Systems, Cybersecurity, Data Analytics, or an equivalent technical field. - Must be eligible to obtain and maintain a DoD Secret clearance. Preferred Qualifications - Familiarity with enterprise cloud environments, identity governance, authentication systems, or security operations processes. Benefits - Medical, Dental, and Vision Insurance - Holidays - Paid Time Off (PTO) - Life Insurance - Short Term Disability - Long Term Disability - 401(k) Plans - Career Development - Certifications - Training and Development

• Conduct comprehensive security assessments and risk analyses of systems, networks, infrastructure, and applications to identify vulnerabilities and drive improvements across both on-premises and cloud postures. • Lead the design, development, and implementation of security controls, tool integrations, security log onboarding, incident response plans, and automation for compliance checks, alerts, and reporting. • Own and manage the administration of core security platforms and technologies, including EDR, SIEM, DLP, vulnerability management, firewalls, and web application firewalls. • Perform technical security assessments, penetration testing, code audits, and offensive/defensive security exercises to continuously evaluate, strengthen, and validate detection and response capabilities. • Utilize AI tools and methodologies to improve productivity, automate threat detection, vulnerability scanning, and alerting, proactively identifying and mitigating emerging threats. • Provide expert guidance and mentorship to internal teams on SIEM, Incident Response, WAF, and evidence requirements for frameworks such as ISO27001, SOC2, PCI DSS, and NIST. • Continuously monitor security events, lead security investigations, and coordinate incident response activities during active security breaches. • Stay current with emerging technologies (including AI, machine learning, and IoT risks), trends, threat intelligence, security certifications, and compliance regulations. • Proactively advocate for process improvement and security innovation across the organization. • Prepare and deliver documentation and dashboards for stakeholders and customers, conveying actionable insights from security-related activities and findings.

Role Description Lead Cloud Infrastructure & SRE: - AWS (ECS, EKS, networking, VPCs, IAM) - Databases (PostgreSQL, Kafka, DynamoDB) - IaC standards, SLOs, error budgets, DR/BCP, and a sustainable on-call program Own CI/CD & Developer Experience: - GitLab CI across ~150 repos: build speed, reliability, test signal, release safety, environments, and paved roads for new services Drive Observability & Cloud Cost: - High signal logging/metrics/tracing/alerting stack - SLO instrumentation - Cloud cost attribution by team/service - FinOps practice Lead Application & Cloud Security end-to-end: - Secure SDLC, SAST/DAST/SCA - Vuln triage and SLAs - Secrets hygiene, IAM, CSPM Partner with IT to support compliance program, customer security questionnaires, and pen-test remediation. Own Vendor & Tooling Portfolio: - Build-vs-buy decisions - Vendor selection, POCs and lifecycle across observability, CI/CD, security, and incident management Grow and Develop the Team: - Hire, onboard, and mentor engineers - Actively participate in recruiting; interview candidates, provide calibrated feedback, and raise the bar - Conduct regular 1:1s, provide actionable feedback, and support career development for each team member - Build a culture of urgency, ownership, customer empathy, and continuous improvement Qualifications - 7+ years of infrastructure or SRE engineering experience - At least 3 years managing platform, infra, or SRE teams in a product-focused SaaS environment - Production AWS ownership — you've run HA workloads on AWS at scale - Infrastructure as code - you've built and scaled IaC practices using Terraform - CI/CD fluency — you've built or owned pipelines in GitLab CI, GitHub Actions, Jenkins, or similar - Observability ownership - you've built or evolved an observability stack - Incident command - you've run customer-facing major incidents - Application security - you've embedded security into the SDLC - Cloud security posture - you own IAM, secrets management, network segmentation, and CSPM - Compliance partnership - you've worked alongside IT on compliance programs - Deeply hands-on - you've kept your technical edge as your teams have grown - Bias for action - you default to doing, not delegating - Active AI adoption - you use AI-assisted tools as part of your daily workflow Preferred - B2B SaaS experience with Salesforce coupling — managed packages, org provisioning, integration patterns - CPQ, billing, or revenue domain — high-stakes correctness, audit-relevant data - Experience standing up a Platform Engineering practice or internal developer platform Tech Stack - Salesforce Platform: Apex, Lightning Web Components (LWC), SOQL, Flows, managed packages - Backend: Java (Spring Boot), Node.js, REST APIs, GraphQL - Frontend: React 16, TypeScript, Material-UI, Webpack - Database: PostgreSQL (AWS RDS), Salesforce SOQL/SOSL - Infrastructure: AWS (Lambda, SQS, S3), Kafka, Docker, GitLab CI/CD - AI Tooling: Claude Code, Windsurf, Copilot (used daily across engineering) - Collaboration: Jira, Slack, Gem, Fellow, Confluence

• Define and evaluate the implementation of cybersecurity controls, including but not limited to, embedded operating system, encryption, access controls, network security, and secure coding practices. • Specific hands-on knowledge with implementation of cybersecurity embedded operating systems, networking, and cryptographic controls. • Conduct, with a cross-functional team, process activities to define requirements, find design deficiencies, detect implementation defects, verify the product’s cybersecurity posture, and otherwise secure Torc’s products. • Collaborate with product development teams to embed security into their design and development lifecycle of products and other software development activities. • Stay abreast of emerging cybersecurity threats and technologies and continuously update our software security approaches, strategies, and solutions accordingly. • Liaise with external security vendors and partners, managing relationships, and ensuring the effective integration of third-party security solutions. • Prepare and present evidence in the cybersecurity case to demonstrate readiness to launch new products or release new software versions from a cybersecurity perspective. • Train internal stakeholders on security practices and act as a resource where expert cybersecurity assistance is needed.