• Support security, privacy, and governance activities across the Microsoft 365 cloud suite. • Assist with data readiness planning and integration of Microsoft Purview to protect sensitive data. • Support management of user permissions, data retention, compliance settings, and enterprise policies. • Assist with documentation and management of Security Change Requests and audit logging solutions. • Support Microsoft security and cyber architecture activities related to M365 services. • Assist with security and configuration support for SharePoint Online, OneDrive for Business, Exchange Online, Teams, Power Platform, Copilot, Azure/Azure AD, Intune, and AvePoint Online Services. • Support AvePoint Online Services security capabilities, including tenant-to-tenant considerations, Splunk Enterprise integration, bring-your-own-key configurations, IP restrictions, SFTP, and related interfaces. • Collaborate with systems support staff and technical teams to identify, mitigate, and document risks. • Contribute to bi-weekly and monthly status reporting, including action items, risks, mitigations, escalations, accomplishments, and closures.

• ISMS management and compliance. Manage and maintain the Information Security Management System, ensuring ongoing compliance with ISO 27001, GDPR, HIPAA, and other applicable frameworks. • Cybersecurity assessments and risk remediation. Conduct cybersecurity assessments and audits; triage and drive remediation of identified risks in collaboration with engineering teams. • Policies and documentation. Author and maintain cybersecurity policies, procedures, and controls documentation to support Cybersecurity and Governance requirements. • Technical security operations. Support cybersecurity operations and IT on technical security tooling, firewalls, networking, endpoint protection, and SIEM. • Security questionnaires and third-party vetting. Respond to bids, tenders, and third-party security vetting. • Security culture and awareness. Champion a security first culture across the organisation: create awareness programs, run training, and embed security-by-design thinking into how teams work. • Data security and governance. Support data security and data governance initiatives across the organisation. • Demonstrably AI-forward. Uses AI in their own workflows and can point to concrete automations they have built or commissioned to take work out of IT and operations.

• Prospect to win new business. • Manage and grow an account portfolio. • Develop, qualify and close opportunities in accordance with agreed criteria and exceed target expectations. • Maintain a complete, accurate, up-to-date sales pipeline and activities log using the GRC pipeline software. • Become an expert in the GRC product value proposition and services. • Develop and maintain relationships with key decision makers, through telephone and email contact. • Register leads, follow up leads, organize scoping calls with consultants where necessary. • Personal forecasting and pipeline management. • Provide supporting information to clients including quotes, proposals, PPT presentations, offers and promotions. • Assist with bids and tenders. • Prepare Professional Services agreements. • Provide customer and industry feedback to support the Group sales strategy. • Develop and maintain an understanding of our customer base and competitors operating in the same markets. • Professionally and passionately represent the GRC brand, vision, and values at all times.

• Mid-level Cybersecurity Engineer (Pentester/Offensive Security/Red Team) in a 100% remote (work-from-home) environment. • The professional will be responsible for performing penetration tests and adversary emulation.