Role Description We are seeking an IT Systems Administrator with a strong background in enterprise security operations and cybersecurity. This is a security-first role, with primary responsibility for cybersecurity operations and secondary responsibility for systems administration, focused on protecting critical infrastructure through proactive monitoring, incident response, firewall and endpoint security management, and compliance alignment. The ideal candidate will drive IT cybersecurity standards in support of SOC 2, HIPAA, and other required compliance frameworks. They will lead security adoption across network and operations teams, owning the detection, investigation, and remediation of security risks and threats while ensuring the confidentiality, integrity, and availability of enterprise systems. Primary ownership includes: - Firewall management - Security monitoring - Incident response - Endpoint protection - Compliance In addition to hands-on security operations, this role provides guidance on secure system design, supports regulatory and compliance initiatives, and contributes to the continuous improvement of security controls across on-premises and cloud environments. Qualifications - Must have good English proficiency, both written and verbal. - Bachelor’s degree in Information Technology, Telecommunications, or a related field; or equivalent work experience. - Senior-level experience in systems and security administration. - Strong networking, operating system, and virtualization knowledge. - Experience responding to real-world security incidents. - Proven experience as an IT Systems Administrator, preferably in a telecom-focused organization. - Strong understanding of IT infrastructure, including servers, storage systems, and cloud environments. - Proficiency in managing enterprise software, operating systems (Windows/Linux), and IT tools. - Knowledge of telecom industry applications and requirements is a significant advantage. - Excellent problem-solving and analytical skills with a proactive approach to system management. - Strong interpersonal and communication skills for collaborating with teams and supporting users. - Experience with virtualization platforms (e.g., VMware, Hyper-V) and cloud platforms (e.g., AWS, Azure) is a plus. - Relevant certifications such as Security+, CySA+, CEH, SSCP, ITIL, CompTIA Server+, or Microsoft Certified: Azure Administrator are advantageous. - Ability to multitask and prioritize in a fast-paced, remote working environment. Requirements - Manage enterprise firewalls, including Cisco Meraki, SonicWall, and Fortinet. - Monitor and respond to security alerts using XDR, RMM, and SIEM platforms. - Lead incident response, breach remediation, and root-cause analysis. - Administer Bitdefender Endpoint Protection and similar endpoint security tools. - Secure the Microsoft 365 tenant, including Defender, identity protection, and conditional access policies. - Support SOC 2 and ISO 27002 compliance activities. - Collaborate with internal teams to support telecom-specific applications and integrations. - Monitor system performance, troubleshoot issues, and provide timely resolutions to minimize downtime. - Ensure compliance with telecom industry standards, data protection regulations, and company policies. - Create and maintain documentation for system configurations, processes, and troubleshooting guides. Company Description Founded in 2001, family owned and operated AireSpring is a leading Provider of Cloud Communications, Managed Connectivity and Managed Security which has earned its stellar reputation by taking service and support to the next level, delivering an award-winning customer experience that far exceeds the industry standards. AireSpring has delivered 20 years of outstanding service to its rapidly rising base of national and global customers, while growing organically and remaining debt free. As the trusted provider to over 22,000 enterprise locations worldwide, our mission is to help our clients connect and communicate easily. We aim to delight our customers and partners by providing personalized, outstanding service. The company has built a solid reputation of integrity, reliability and dependability with its channel partners, end-user customers and technology partners. We have received more than 100 coveted industry awards including "Product of the Year- SD-WAN and UCaaS", "Excellence in Customer Service", "Unified Communications Excellence", "Best in Show," "Best Telecom Deal" and "Top Channel Program".

Role Description The Security Engineering team is responsible for protecting Sift’s products, infrastructure, and data while enabling our engineering organization to ship quickly and safely. As a Senior Security Engineer, you’ll be a key technical contributor and subject-matter expert, working on projects that materially reduce risk and strengthen Sift’s security posture. In this role, you will: - Design, implement, and operate security controls and tooling across Sift’s stack. - Work closely with Engineers, SREs, IT, and Legal/Compliance to secure our systems end-to-end—from application code and CI/CD pipelines to cloud infrastructure and identity. - Help define our standards, mentor other engineers on secure practices, and contribute directly to audits and compliance efforts. What you’ll do: - Design and implement security controls and tooling across Sift’s infrastructure and applications (e.g., IAM policies, network controls, secrets management, endpoint protections, container and workload security). - Embed with product and platform teams to perform security design reviews, threat modeling, and code or configuration reviews for new features and services. - Improve the secure SDLC by integrating AI-powered scanning tools, security scanning (SAST/DAST, dependency and container scanning) into CI/CD, and by developing guardrails, templates, and best practices for engineers. - Own or co-own vulnerability management workflows, from discovery and triage through remediation, including defining SLAs, coordinating with service owners, and tracking closure. - Develop automation (scripts, services, integrations) to detect misconfigurations, anomalous activity, or policy violations, and to reduce manual operational work for the security team. - Participate in security incident response (on-call rotation or escalation), including investigation, containment, root cause analysis, and long-term fixes. - Contribute to security documentation and standards, ensuring we have clear, actionable guidance for engineers on topics like authentication, authorization, data encryption, and key management. - Support audits and assessments (e.g., SOC 2, customer security questionnaires) by providing technical details and evidence of control design and effectiveness. - Mentor other engineers on secure design and implementation practices through pairing, reviews, training sessions, and written guidance. Qualifications - 5+ years of experience in security engineering, infrastructure engineering, or application security, ideally in a B2B SaaS or cloud-native environment. - Hands-on experience with at least one major public cloud platform (e.g., GCP, AWS), including IAM, networking, logging/monitoring, and security services. - Strong proficiency in at least one programming or scripting language (e.g., Python, Go, Java, or similar) and experience using code to automate security controls or detection. - Direct experience with AI/LLM-specific security risks (prompt injection, model supply chain, etc.). - Demonstrated knowledge of secure application and system design, including topics like authentication/authorization, encryption in transit and at rest, least-privilege access, and secrets management. - Experience with security tooling such as vulnerability scanners, SAST/DAST tools, SIEM/centralized logging, endpoint protection, or cloud security posture management. - Solid understanding of common vulnerabilities and attack patterns (e.g., OWASP Top 10, misconfigurations, supply-chain risks) and how to mitigate them in practice. - Ability to work cross-functionally with engineering, IT, and compliance/legal teams, and to translate security requirements into practical implementation details. - Clear written and verbal communication skills, including the ability to document designs and decisions and to educate others on security best practices. - A collaborative, pragmatic approach: you’re comfortable making risk-based decisions, proposing options, and supporting teams in implementing secure, scalable solutions. Benefits - Intentionally building a diverse, equitable, and inclusive workplace. - Empowerment and authenticity to build trust and create a safer Internet.

• Partner with teams across Corporate Security to understand their operational workflows, data sources, reporting needs, and automation goals. • Build best-in-class dashboards and metrics that provide real-time visibility into CorpSec operations, performance, risks, and program health. • Use ChatGPT, Codex, agents, APIs, and automation tools to build scalable internal tools and workflows. • Create a unified technical vision that connects team-level projects into a broader CorpSec data and technology ecosystem. • Assess current data sources and workflows, identify gaps, and improve the quality, consistency, and reliability of data. • Design clean data pipelines and reporting structures across systems such as Airtable, Ontic, Jira, Asana, Google Workspace, and other CorpSec tools. • Build prototypes quickly, test with users, and iterate toward production-ready solutions. • Help establish data standards, governance practices, and repeatable patterns for future CorpSec technology builds. • Translate ambiguous business needs into clear technical requirements and practical solutions. • Serve as a technical partner to CorpSec leadership on dashboards, automation, AI-enabled workflows, and data strategy.

• Design Unity Catalog permission models and ownership standards • Provide technical support to customers including responding to questions, resolving issues, providing guidance and support as needed • Interface with tracking system to prioritize tasks and document solutions • Establish strong working relationships with internal customers insuring a solid understanding of the current business needs and future direction • Define, document, and present solutions to proactively address the business needs • Be the subject matter expert (SME) for the database environment, AlwaysOn architecture, SAN technologies • Ensure the solutions meet the documented standards for naming, hardening, PCI, archiving and maintenance processes through formal processes, i.e. code and architecture reviews