• Own vulnerability management, dependency security, threat modeling, security code reviews, and remediation of penetration test findings. • Strengthen our AWS security posture, identity and access management (IAM, SSO, SAML, SCIM), endpoint security, threat detection, and incident response capabilities. • Design and implement security controls for AI-powered products and workflows, including protections against prompt injection, data leakage, and other AI-specific risks. • Build technical safeguards that enable the secure use of PHI and sensitive data within LLM-powered systems. • Implement and maintain the technical controls, evidence, and security practices required to support HIPAA, SOC 2, and other compliance programs. • Leverage AI-powered tooling, automation, and modern security platforms to scale security impact across the organization. • Build self-service security solutions, paved roads, and runbooks that help engineers move quickly while maintaining strong security standards. • Partner closely with Engineering and IT to deliver pragmatic, scalable security solutions that support product velocity and business growth. • Be a force multiplier for the Pod-Infra team

Role Description cubic solutions GmbH, ein Unternehmen im Bereich Cyber Security mit Sitz in Neumarkt in der Oberpfalz, Deutschland, sucht eine:n Consultant für Microsoft Azure und M365 Security. Werde Teil unseres dynamischen Teams! - Beratung von Unternehmen bei der Planung, Auswahl und Umsetzung sicherer Microsoft Azure- und M365-Lösungen – maßgeschneidert auf individuelle Anforderungen - Durchführung von Azure-Migrationen, Sicherheitsanalysen und der Implementierung von Schutzmaßnahmen zur Sicherung von Cloud-Infrastrukturen und Unternehmensdaten - Entwicklung und Integration von Sicherheitsrichtlinien, -technologien und Best Practices zur Stärkung der IT-Sicherheitsarchitektur in Azure- und M365-Umgebungen - Planung und Durchführung von Schulungen und Workshops zur sicheren und effizienten Nutzung von Microsoft-Cloud-Diensten - Kontinuierliche Optimierung bestehender Azure- und M365-Lösungen hinsichtlich Sicherheit, Performance und Benutzerfreundlichkeit - Entwicklung und Implementierung von sicheren und effizienten Microsoft Azure-Lösungen für Unternehmen Qualifications - Fließende Deutschkenntnisse in Wort und Schrift - Erfahrung mit Scriptsprachen wie z. B. PowerShell - Mehrjährige Erfahrung im Bereich Informationssicherheit, insbesondere mit Microsoft Azure und M365 - Fundierte Kenntnisse zu aktuellen Sicherheitsstandards, -architekturen und -praktiken - Hohe Motivation und Interesse an neuen, spannenden Themen - Begeisterung, in einem kleinen, hochmotivierten Team an herausfordernden Aufgaben zu arbeiten - Engagement und Freude, ein wachsendes Unternehmen aktiv mitzugestalten - Ausgeprägte Eigeninitiative und eine "Hands-on"-Mentalität, um gemeinsam Großes zu erreichen - Starke analytische und problemlösende Fähigkeiten, die du gerne in Projekten auslebst - Microsoft-Zertifizierungen im M365 und Microsoft Azure Umfeld Benefits - Moderne Holacracy-Organisationskultur: Flexibles Arbeiten in einer selbstorganisierten Struktur - Berufliche Weiterbildung: Vielfältige Möglichkeiten zur persönlichen und fachlichen Weiterentwicklung - Betriebliche Altersvorsorge: Eine langfristige Absicherung für deine Zukunft - Firmenhandy und -laptop: Alles, was du für deine Arbeit benötigst - Individuelle Mobilitätslösungen: Ob Firmenwagen, Bahncard oder Jobbike – wir finden die Lösung, die zu deinen Bedürfnissen passt. - Fitnessabo: Zugang zu Fitnessangeboten für deine Gesundheit und Ausgleich - Gewinnbeteiligung: Profitiere von unserem gemeinsamen Erfolg - Urlaubsregelung: Für jedes volle Jahr bei uns bekommst du einen zusätzlichen Urlaubstag - Feiertage: Fallen Feiertage auf ein Wochenende, kannst du diese nachholen Company Description Die zunehmende Digitalisierung von Arbeit und Zusammenarbeit führt dazu, dass immer mehr Wissen, Know-how und Geschäftsgeheimnisse in die digitale Welt überführt werden. Leider ist diese Welt nicht immer sicher, und Informationen können schnell Ziel unberechtigter Zugriffsversuche werden. Sowohl große als auch kleine Unternehmen stehen vor der Herausforderung, ihre digitalen Arbeitsabläufe bestmöglich abzusichern.

Role Description We are seeking an IT Systems Administrator with a strong background in enterprise security operations and cybersecurity. This is a security-first role, with primary responsibility for cybersecurity operations and secondary responsibility for systems administration, focused on protecting critical infrastructure through proactive monitoring, incident response, firewall and endpoint security management, and compliance alignment. The ideal candidate will drive IT cybersecurity standards in support of SOC 2, HIPAA, and other required compliance frameworks. They will lead security adoption across network and operations teams, owning the detection, investigation, and remediation of security risks and threats while ensuring the confidentiality, integrity, and availability of enterprise systems. Primary ownership includes: - Firewall management - Security monitoring - Incident response - Endpoint protection - Compliance In addition to hands-on security operations, this role provides guidance on secure system design, supports regulatory and compliance initiatives, and contributes to the continuous improvement of security controls across on-premises and cloud environments. Qualifications - Must have good English proficiency, both written and verbal. - Bachelor’s degree in Information Technology, Telecommunications, or a related field; or equivalent work experience. - Senior-level experience in systems and security administration. - Strong networking, operating system, and virtualization knowledge. - Experience responding to real-world security incidents. - Proven experience as an IT Systems Administrator, preferably in a telecom-focused organization. - Strong understanding of IT infrastructure, including servers, storage systems, and cloud environments. - Proficiency in managing enterprise software, operating systems (Windows/Linux), and IT tools. - Knowledge of telecom industry applications and requirements is a significant advantage. - Excellent problem-solving and analytical skills with a proactive approach to system management. - Strong interpersonal and communication skills for collaborating with teams and supporting users. - Experience with virtualization platforms (e.g., VMware, Hyper-V) and cloud platforms (e.g., AWS, Azure) is a plus. - Relevant certifications such as Security+, CySA+, CEH, SSCP, ITIL, CompTIA Server+, or Microsoft Certified: Azure Administrator are advantageous. - Ability to multitask and prioritize in a fast-paced, remote working environment. Requirements - Manage enterprise firewalls, including Cisco Meraki, SonicWall, and Fortinet. - Monitor and respond to security alerts using XDR, RMM, and SIEM platforms. - Lead incident response, breach remediation, and root-cause analysis. - Administer Bitdefender Endpoint Protection and similar endpoint security tools. - Secure the Microsoft 365 tenant, including Defender, identity protection, and conditional access policies. - Support SOC 2 and ISO 27002 compliance activities. - Collaborate with internal teams to support telecom-specific applications and integrations. - Monitor system performance, troubleshoot issues, and provide timely resolutions to minimize downtime. - Ensure compliance with telecom industry standards, data protection regulations, and company policies. - Create and maintain documentation for system configurations, processes, and troubleshooting guides. Company Description Founded in 2001, family owned and operated AireSpring is a leading Provider of Cloud Communications, Managed Connectivity and Managed Security which has earned its stellar reputation by taking service and support to the next level, delivering an award-winning customer experience that far exceeds the industry standards. AireSpring has delivered 20 years of outstanding service to its rapidly rising base of national and global customers, while growing organically and remaining debt free. As the trusted provider to over 22,000 enterprise locations worldwide, our mission is to help our clients connect and communicate easily. We aim to delight our customers and partners by providing personalized, outstanding service. The company has built a solid reputation of integrity, reliability and dependability with its channel partners, end-user customers and technology partners. We have received more than 100 coveted industry awards including "Product of the Year- SD-WAN and UCaaS", "Excellence in Customer Service", "Unified Communications Excellence", "Best in Show," "Best Telecom Deal" and "Top Channel Program".

Role Description The Security Engineering team is responsible for protecting Sift’s products, infrastructure, and data while enabling our engineering organization to ship quickly and safely. As a Senior Security Engineer, you’ll be a key technical contributor and subject-matter expert, working on projects that materially reduce risk and strengthen Sift’s security posture. In this role, you will: - Design, implement, and operate security controls and tooling across Sift’s stack. - Work closely with Engineers, SREs, IT, and Legal/Compliance to secure our systems end-to-end—from application code and CI/CD pipelines to cloud infrastructure and identity. - Help define our standards, mentor other engineers on secure practices, and contribute directly to audits and compliance efforts. What you’ll do: - Design and implement security controls and tooling across Sift’s infrastructure and applications (e.g., IAM policies, network controls, secrets management, endpoint protections, container and workload security). - Embed with product and platform teams to perform security design reviews, threat modeling, and code or configuration reviews for new features and services. - Improve the secure SDLC by integrating AI-powered scanning tools, security scanning (SAST/DAST, dependency and container scanning) into CI/CD, and by developing guardrails, templates, and best practices for engineers. - Own or co-own vulnerability management workflows, from discovery and triage through remediation, including defining SLAs, coordinating with service owners, and tracking closure. - Develop automation (scripts, services, integrations) to detect misconfigurations, anomalous activity, or policy violations, and to reduce manual operational work for the security team. - Participate in security incident response (on-call rotation or escalation), including investigation, containment, root cause analysis, and long-term fixes. - Contribute to security documentation and standards, ensuring we have clear, actionable guidance for engineers on topics like authentication, authorization, data encryption, and key management. - Support audits and assessments (e.g., SOC 2, customer security questionnaires) by providing technical details and evidence of control design and effectiveness. - Mentor other engineers on secure design and implementation practices through pairing, reviews, training sessions, and written guidance. Qualifications - 5+ years of experience in security engineering, infrastructure engineering, or application security, ideally in a B2B SaaS or cloud-native environment. - Hands-on experience with at least one major public cloud platform (e.g., GCP, AWS), including IAM, networking, logging/monitoring, and security services. - Strong proficiency in at least one programming or scripting language (e.g., Python, Go, Java, or similar) and experience using code to automate security controls or detection. - Direct experience with AI/LLM-specific security risks (prompt injection, model supply chain, etc.). - Demonstrated knowledge of secure application and system design, including topics like authentication/authorization, encryption in transit and at rest, least-privilege access, and secrets management. - Experience with security tooling such as vulnerability scanners, SAST/DAST tools, SIEM/centralized logging, endpoint protection, or cloud security posture management. - Solid understanding of common vulnerabilities and attack patterns (e.g., OWASP Top 10, misconfigurations, supply-chain risks) and how to mitigate them in practice. - Ability to work cross-functionally with engineering, IT, and compliance/legal teams, and to translate security requirements into practical implementation details. - Clear written and verbal communication skills, including the ability to document designs and decisions and to educate others on security best practices. - A collaborative, pragmatic approach: you’re comfortable making risk-based decisions, proposing options, and supporting teams in implementing secure, scalable solutions. Benefits - Intentionally building a diverse, equitable, and inclusive workplace. - Empowerment and authenticity to build trust and create a safer Internet.