• Design and engineer security controls for AI-enabled SaaS applications • Define and evolve the enterprise AI Security Architecture, guardrails, and security requirements aligned to business objectives • Treat AI agents as first-class identities, defining authentication, authorization, lifecycle management, and revocation • Identify and mitigate AI-specific risks including data leakage, prompt injection, jailbreaks, model abuse, data poisoning, model extraction, and AI supply-chain risk • Collaborate closely with IAM, SecOps, AppSec, GRC, IT engineering, AI platform teams, and business stakeholders to embed security controls where they belong

Role Description - Support the detection, monitoring and tracking of security vulnerabilities at the application, database, server, workstation and OS levels. - Support AWS, Azure, and Google cloud operations in securing the public cloud environments. - Configure and troubleshoot IAM policies, Security Groups, Service Control Policies, Role Based Access Control, and Managed Service Identities. - Tune and configure SIEM performance and events data quality to maximize log correlation efficiency. - Work closely with the network team to implement and maintain network access control technologies. - Configure Security Orchestration, Automation, and Response (SOAR) tools, scripts, events, and playbooks. - Demonstrate expertise in shell scripting and other programming languages, such as Python and PowerShell. - Show proficiency in understanding and using regular expressions (regex). - Have a solid understanding of REST/SOAP/WSDL/XML (Web Services) and HTTP request methods. - Work closely with the compliance team to identify, document and implement various security controls related to NIST, FedRAMP, HiTRUST, and ISO 27001. - Guide the network and operations teams in implementing security best practices. - Work with network and systems engineering teams to promote automation, automated monitoring and administration functionality. - Implement and support security solutions including but not limited to Intrusion Detection, Log Management, Data Loss Prevention, Vulnerability Management, Web Content Filtering, and Configuration Management. - Support the efforts to develop operational best practice procedural documentation for operations staff. - Assist in the development and documentation of various systems, policies, procedures, and customer deliverables. - Research new products and make appropriate recommendations. - Develop and design project plans, tasks and timelines and then provide verbal and written status reports as directed. - Conduct ongoing security assessments, document and track findings and remediation activities. - Provide on-call support as needed. Qualifications - BS in Computer Science, Engineering or related field desired. - Minimum 3 years of experience supporting an enterprise-level environment. - Good understanding of the following: log correlation, SIEM technologies (AlertLogic, ArcSight, Q1 Radar, LogRhythm, Splunk, etc.), IDS/IPS technologies, vulnerability scanners (Nessus, Qualys, etc.) and other related technologies. - Understanding of common web application vulnerabilities and familiarity with using web application scanning tools such as Burp Suite, ZAP Proxy, Acunetix, etc. - Understanding of cloud solutions and cloud security best practices in environments such as AWS, Azure and Google Cloud. - Solid understanding of compliance requirements and standards such as PCI-DSS, HIPAA, HiTRUST, ISO 27001, SOX, etc. - Demonstrated knowledge of one or more of the following systems: Linux, Windows, or Mac OS. - Working knowledge of firewall and web filtering technologies. - Experience practicing ITIL framework-based processes such as Change, Problem, and Incident Management in an enterprise environment. - Excellent verbal and written communication, presentation, and interpersonal skills. - Ability to define, document and support systems, policies, and procedures. - Excellent analytic, problem-solving and troubleshooting skills. - Good knowledge and experience designing network, system and application security architectures. - Ability to efficiently handle multiple projects with shifting priorities. - Ability to anticipate and mitigate risks as well as define architectural solutions. Company Description Strategy (Nasdaq: MSTR) is at the forefront of transforming organizations into intelligent enterprises through data-driven innovation. We don't just follow trends—we set them and drive change. As a market leader in enterprise analytics and AI software, we've pioneered the BI and analytics space, empowering people to make better decisions and revolutionizing how businesses operate. We are now also at the forefront of AI disruption, providing data via our enterprise semantic layer to AI agents, tools, and platforms. But that's not all. Strategy is also leading a groundbreaking shift in digital assets, adopting bitcoin as our primary treasury reserve asset in 2020. Since then, we have issued innovative bitcoin-backed securities and have been the leader in bitcoin treasury companies. This visionary move has helped us build a fortress balance sheet, and is solidifying our position as a forward-thinking, innovative force in the market. Our people are the core of our success. At Strategy, you'll join a team of smart, creative minds working on dynamic projects with cutting-edge technologies. We thrive on curiosity, innovation, and a relentless pursuit of excellence. Our corporate values—bold, agile, engaged, impactful, and united—are the foundation of our culture. As we lead the charge into the new era of AI and financial innovation, we foster an environment where every employee's contributions are recognized and valued. Join us and be part of an organization that lives and breathes innovation every day. At Strategy, you're not just another employee, you're a crucial part of a mission to push the boundaries of analytics and redefine financial investment.

• Own vulnerability management, dependency security, threat modeling, security code reviews, and remediation of penetration test findings. • Strengthen our AWS security posture, identity and access management (IAM, SSO, SAML, SCIM), endpoint security, threat detection, and incident response capabilities. • Design and implement security controls for AI-powered products and workflows, including protections against prompt injection, data leakage, and other AI-specific risks. • Build technical safeguards that enable the secure use of PHI and sensitive data within LLM-powered systems. • Implement and maintain the technical controls, evidence, and security practices required to support HIPAA, SOC 2, and other compliance programs. • Leverage AI-powered tooling, automation, and modern security platforms to scale security impact across the organization. • Build self-service security solutions, paved roads, and runbooks that help engineers move quickly while maintaining strong security standards. • Partner closely with Engineering and IT to deliver pragmatic, scalable security solutions that support product velocity and business growth. • Be a force multiplier for the Pod-Infra team

Role Description cubic solutions GmbH, ein Unternehmen im Bereich Cyber Security mit Sitz in Neumarkt in der Oberpfalz, Deutschland, sucht eine:n Consultant für Microsoft Azure und M365 Security. Werde Teil unseres dynamischen Teams! - Beratung von Unternehmen bei der Planung, Auswahl und Umsetzung sicherer Microsoft Azure- und M365-Lösungen – maßgeschneidert auf individuelle Anforderungen - Durchführung von Azure-Migrationen, Sicherheitsanalysen und der Implementierung von Schutzmaßnahmen zur Sicherung von Cloud-Infrastrukturen und Unternehmensdaten - Entwicklung und Integration von Sicherheitsrichtlinien, -technologien und Best Practices zur Stärkung der IT-Sicherheitsarchitektur in Azure- und M365-Umgebungen - Planung und Durchführung von Schulungen und Workshops zur sicheren und effizienten Nutzung von Microsoft-Cloud-Diensten - Kontinuierliche Optimierung bestehender Azure- und M365-Lösungen hinsichtlich Sicherheit, Performance und Benutzerfreundlichkeit - Entwicklung und Implementierung von sicheren und effizienten Microsoft Azure-Lösungen für Unternehmen Qualifications - Fließende Deutschkenntnisse in Wort und Schrift - Erfahrung mit Scriptsprachen wie z. B. PowerShell - Mehrjährige Erfahrung im Bereich Informationssicherheit, insbesondere mit Microsoft Azure und M365 - Fundierte Kenntnisse zu aktuellen Sicherheitsstandards, -architekturen und -praktiken - Hohe Motivation und Interesse an neuen, spannenden Themen - Begeisterung, in einem kleinen, hochmotivierten Team an herausfordernden Aufgaben zu arbeiten - Engagement und Freude, ein wachsendes Unternehmen aktiv mitzugestalten - Ausgeprägte Eigeninitiative und eine "Hands-on"-Mentalität, um gemeinsam Großes zu erreichen - Starke analytische und problemlösende Fähigkeiten, die du gerne in Projekten auslebst - Microsoft-Zertifizierungen im M365 und Microsoft Azure Umfeld Benefits - Moderne Holacracy-Organisationskultur: Flexibles Arbeiten in einer selbstorganisierten Struktur - Berufliche Weiterbildung: Vielfältige Möglichkeiten zur persönlichen und fachlichen Weiterentwicklung - Betriebliche Altersvorsorge: Eine langfristige Absicherung für deine Zukunft - Firmenhandy und -laptop: Alles, was du für deine Arbeit benötigst - Individuelle Mobilitätslösungen: Ob Firmenwagen, Bahncard oder Jobbike – wir finden die Lösung, die zu deinen Bedürfnissen passt. - Fitnessabo: Zugang zu Fitnessangeboten für deine Gesundheit und Ausgleich - Gewinnbeteiligung: Profitiere von unserem gemeinsamen Erfolg - Urlaubsregelung: Für jedes volle Jahr bei uns bekommst du einen zusätzlichen Urlaubstag - Feiertage: Fallen Feiertage auf ein Wochenende, kannst du diese nachholen Company Description Die zunehmende Digitalisierung von Arbeit und Zusammenarbeit führt dazu, dass immer mehr Wissen, Know-how und Geschäftsgeheimnisse in die digitale Welt überführt werden. Leider ist diese Welt nicht immer sicher, und Informationen können schnell Ziel unberechtigter Zugriffsversuche werden. Sowohl große als auch kleine Unternehmen stehen vor der Herausforderung, ihre digitalen Arbeitsabläufe bestmöglich abzusichern.