• Process Epic access requests, modifications, and terminations through ServiceNow. • Support onboarding, transfers, and offboarding activities. • Assign and maintain security classes, roles, templates, and user records. • Support EMP imports, provider imports, and Epic security maintenance activities. • Troubleshoot user access and security-related issues. • Assist with role optimization, audits, compliance reviews, and access governance activities. • Participate in Epic upgrades, testing, and change management efforts. • Maintain security documentation and procedures. • Collaborate with IAM, HR, Compliance, and Epic application teams.

• Serve as the security architecture authority within the architecture organization, partnering with product architects, principal engineers, cloud partners (AWS, Azure, GCP), and business leaders to embed secure-by-design principles into hardware appliances, multi-tenant SaaS platforms, and globally distributed cloud infrastructure. • Coach and support developers in writing secure code, including secure patterns, common vulnerability classes, and secure use of frameworks and libraries. • Provide timely consulting on “how to do it right” (architecture, implementation details, and operational considerations) and help teams choose secure-by-default approaches. • Triage findings from SAST, SCA, DAST, container and IaC scanning; investigate, validate, and resolve false positives; and help teams prioritize true risk. • Partner with teams to tune security tools, reduce noise, and improve signal quality (rules, suppressions, baselines, and exception processes) while maintaining strong security posture. • Drive adoption of CNAPP, CWPP, WAF, service mesh security, API gateways, SIEM/SOAR, and cloud-native telemetry for protective monitoring, runtime defense, and incident-ready detection. • Conduct Secure by Design reviews for new applications and material changes to existing applications, validating security requirements and design decisions early. • Lead and facilitate threat modeling workshops; identify abuse cases, trust boundaries, and attack paths; and document mitigations and residual risk. • Review authentication/authorization design, data flows, secrets handling, logging/monitoring, and resiliency controls to ensure secure architectures. • Provide clear, actionable recommendations and track follow-through with engineering teams. • Translate regulatory and compliance requirements (FedRAMP, SOC2, ISO 27001, NIST SP 800-53, CSA CCM, SOX) into actionable, measurable, and auditable security architecture control objectives—shifting from audit-driven to architecture-driven alignment.

Role Description In this role, you will have the opportunity to: - Design, build, and maintain security measures to protect LivePerson's computer systems, networks, and information. - Identify and define security needs for our systems, following industry best practices and rules. - Create detailed security plans for our computer systems, both our own and those we use in cloud services. - Collaborate with other teams to find, fix, and reduce security issues in our cloud systems, software, and processes. - Write clear instructions and procedures for our security practices. - Set up and fix problems with security tools and services. - Develop technical solutions to make our systems more secure and automate repetitive security tasks. - Serve as a key expert to help Security Analysts and external security partners with complex issues. - Ensure the security of all IT and operations areas so our systems work well, and our data stays private, accurate, and available. - Document, monitor, and report on various security systems and processes to make sure our systems and data are secure and working correctly. - Help choose the best security tools with other teams to meet the company's needs. - Test, maintain, and improve our security solutions to meet the highest security standards. - Work closely with IT and System teams to strengthen the security of our cloud and infrastructure tools, following security rules and best practices. - Analyze data from systems to find any unusual or potentially harmful activity. - Be available to respond to urgent security issues outside of regular work hours (on-call rotation). Qualifications - Hands-on experience working with multiple cloud services. - Practical experience with networking, and systems like Elastic, OKTA, IDM, AD, JAMF, Windows, Linux, and MacOS. - Experience in responding to security incidents and analyzing system logs. - Familiarity with Python or other scripting languages. - At least 3 years of experience in IT or System teams within a software or cloud-based company. - Experience creating and working with procedures, reports, service level agreements (SLAs), and escalation processes. - Ability to perform well under pressure in fast-changing environments. - Strong communication and teamwork skills, including excellent written and spoken English skills. - Good problem-solving skills and the ability to stay calm under pressure. - A valid Comptia CySA+ certification. Requirements - You need to be available to provide support during US business hours. - This job includes being part of an on-call rotation for after-hours support. - Strong interpersonal skills are important. - Critical thinking abilities are necessary. - Attention to detail is required. - You should be able to manage your tasks and meet deadlines. - The ability to work independently with minimal supervision is important. Benefits - Your entrepreneurial spirit will be supported. - We love team members who chase down their big ideas, become experts, help colleagues, and own their work. - We are proud to be on Fast Company's list of Most Innovative Companies and Newsweek's list of most-loved workplaces. - The option to work remotely has helped shape who we are today. - Employees choose the environments that work best for them from anywhere in North America.

• Ejecutar pruebas de penetración (pentesting) y ethical hacking sobre aplicaciones, APIs e infraestructura. • Identificar, analizar y priorizar vulnerabilidades siguiendo OWASP Top 10 y el estándar ASVS. • Realizar security assessments y revisiones de seguridad sobre el ciclo de desarrollo. • Trabajar junto a los equipos de ingeniería para remediar hallazgos y elevar el nivel de seguridad. • Documentar hallazgos y comunicar riesgos de forma clara a perfiles técnicos y de negocio.