• Oversee all security and privacy initiatives, policies, and procedures • Develop and implement information security strategies including vulnerability assessments • Perform risk assessment and vulnerability analysis • Advise management on developing security threats and appropriate countermeasures • Maintain security measures to guard against unauthorized access to data

Role Description We're building a distributed team and looking for a reliable, curious technician internationally to help us keep client operations running smoothly while developing your security expertise. - Handle day-to-day IT operations for our clients and contribute to internal security projects: - Provision and manage users, groups, and licences in Microsoft 365 or Google Workspace - Onboard laptops (Windows/macOS) into MDM and coordinate remote device handovers - Triage first-line support tickets (password resets, access requests) and escalate complex issues - Run weekly maintenance checks: patch status, backup logs, security alerts - Document fixes and runbooks so processes are repeatable - Contribute to security projects (~20% of your time): CVE research and briefings, laptop hardening scripts, incident-response playbook drafts, ISO 27001 checklist development Qualifications - 2+ years of hands-on experience in IT operations, helpdesk, or systems administration - Proven admin skills in Microsoft 365 or Google Workspace (user/group management, security policies, basic troubleshooting) - Comfortable with MDM platforms (Intune, Jamf, or similar) - Proficient in at least one scripting language (PowerShell, Bash, or Python) - Strong written and spoken English; German is a plus - Reliable internet and a professional remote setup - Self-directed, comfortable working asynchronously across time zones Requirements - Nice to have: - Microsoft 365 Certified (Administrator Expert or Endpoint Administrator) - Google Workspace Administrator certification - Exposure to security frameworks (ISO 27001, SOC 2, or similar) Benefits - Competitive hourly rate: €12–16/hour, paid in EUR - Autonomy: Own your domain; we trust you to manage your work - Growth path: Opportunity to expand into a larger role as we scale - Fully remote: Async-first culture with occasional video syncs during CET-compatible hours

• Install, configure, and commission security equipment including surveillance cameras, access control panels, card readers, alarm sensors, and integration hardware • Perform comprehensive preventive and corrective maintenance on all security hardware systems • Diagnose equipment failures, replace defective components, upgrade firmware, adjust camera positioning and focus, calibrate sensors, and repair or replace damaged cabling and connections • Monitor security hardware performance through diagnostic tools and system health dashboards • Perform real-time troubleshooting when hardware malfunctions occur • Maintain detailed technical records of all installations, repairs, maintenance activities, and system configurations • Install, configure, and maintain access control hardware including electronic locks, card readers, biometric scanners, and door controllers • Provide technical support for integrated security systems, ensuring proper communication between surveillance, access control, and alarm hardware components • Test and verify all emergency exit hardware, alarm notification devices, and life safety integration points

• Conduct comprehensive application security assessments of agentic AI pipelines, tools, and frameworks for leading companies and labs. Examine vulnerabilities in model architectures, guardrails, and deployment infrastructure while developing mitigation strategies. • Develop and share novel prompt injection techniques targeting agentic workflows, including indirect injection via tool outputs, multi-turn manipulation, and cross-agent exploitation. Produce actionable attack libraries and defensive countermeasures for client engagements. • Conduct security assessments of client code bases using a combination of static analysis, dynamic testing, and manual code review, identifying vulnerabilities and developing mitigation strategies, with a focus on findings at the intersection of application security and Agentic AI security. • Conduct threat modeling and risk assessments to proactively identify potential risks for clients and develop mitigation strategies for future prevention, with particular attention to prompt injection attack surfaces in agentic orchestration layers. • Work with leading industry teams to review system code and architecture, and help assure their products through system analysis and modeling. • Develop and contribute to AI regulatory frameworks, establishing assurance methods and auditing processes for mission-critical AI applications while ensuring alignment with emerging industry standards and safety requirements.