• Build and contribute to secure-by-default protections across the stack (cloud, CI/CD, applications, and endpoints) by creating paved roads and guardrails that make the secure path the easy path within your problem space • Provide practical security guidance on new products and technologies, recommending secure-by-default patterns that fit into existing workflows • Help secure SeatGeek's use of AI — from LLM-assisted development to AI-powered product features — by building guardrails and reviewing for risks like prompt injection, sensitive-data exposure, and insecure model and tool integrations • Contribute to design reviews and threat modeling for high-impact features and services; surface risks early and help ensure mitigations are designed in • Build security tooling that prevents issues at build/deploy time and helps automate detection and response in production • Improve our detection and incident response capabilities — raise signal quality, tune detections, and implement automated responders that reduce manual toil and time to contain • Partner with engineering and business teams on cross-functional security work: endpoint and device trust, identity and email protections, security awareness and training, vendor reviews and risk assessments, and supporting compliance efforts (e.g., PCI/SOX) • Protect SeatGeek from abuse and bots at the edge and app layers through layered defenses and tuning • Contribute to security incidents and tabletops, including writing incident reviews; help improve runbooks, processes, and stakeholder communications afterward • Advocate for strong secure coding practices and contribute to a pragmatic, positive security culture across your team and partner teams

CAPCO POLAND *We are looking for Poland based candidate. Capco is a fully independent, global management and technology consultancy. For 25 years we have combined innovative thinking with deep industry knowledge to deliver business consulting, digital transformation and technology services to Finance and Energy markets. Our collaborative and efficient approach helps clients reduce costs and manage risk and regulatory change while increasing revenues. We are thinkers, innovators, and disruptors. We are small enough to care but large enough to matter. We are seeking a highly skilled Security Operations Engineer to support the expansion of a strategic security program focused on onboarding critical applications into enhanced monitoring capabilities.In this role, you will play a key part in building and optimizing SIEM detection capabilities, supporting threat verification, and enabling regulatory alignment with DORA (Digital Operational Resilience Act) requirements by the end of 2026. You will work at the intersection of SIEM engineering, threat modelling, and security operations, contributing directly to improving detection accuracy and strengthening overall security posture. Key Responsibilities: - Detection Engineering: Design, build, and optimize SIEM detection rules (with a focus on Microsoft Sentinel) - Testing & Automation: Develop and execute test cases for detection logic; automate validation processes using scripting - Application Onboarding: Support onboarding of critical applications into the security monitoring ecosystem - Requirements Gathering: Collaborate with application teams to define logging requirements and detection use cases - Workshop Facilitation: Lead and moderate workshops with stakeholders to align on threat scenarios and security capabilities - Technical Documentation: Produce clear and comprehensive documentation covering detection logic, threat models, and validation results - Collaboration: Work closely with SOC, engineering, and red teams to enhance alert fidelity and incident response effectiveness - Compliance Delivery: Contribute to threat verification and ensure deliverables meet ALaM program and DORA milestones Required Skills and Experience: - - SIEM Expertise: Hands-on experience with SIEM platforms (strong preference for Microsoft Sentinel) - Detection Engineering: Proven track record in creating, tuning, and testing detection rules - Scripting & Automation: Proficiency in Python, PowerShell, Bash, or similar for automation use cases - Communication: Strong English communication skills with the ability to confidently lead stakeholder workshops - Technical Knowledge: Understanding of cloud (Azure, AWS), operating systems (Windows, Linux), and database environments (SQL, Oracle) - Autonomy: Ability to work independently in a dynamic, high-volume onboarding environment Technology Stack - SIEM & Security: Microsoft Sentinel - Cloud & Infrastructure: Azure, AWS, Windows, Linux, SQL, Oracle - Scripting & Automation: KQL, Python, PowerShell, Bash Nice to have: - Experience in threat modelling and defining threat profiles - Familiarity with DORA or other regulatory frameworks in financial services We have been informed of several recruitment scams targeting the public. We strongly advise you to verify identities before engaging in recruitment related communication. All official Capco communication will be conducted via a Capco recruiter. We offer a flexible collaboration model based on a B2B contract, with the opportunity to work on diverse projects. #LI-REMOTE

• Own the end-to-end vulnerability management program across our SaaS products, cloud infrastructure, containers, and endpoints including identification, triage, prioritization, remediation tracking, and reporting • Operate and tune SAST, SCA, and dependency-scanning tooling (e.g., Snyk, GitHub Advanced Security/Dependabot) and partner with engineering teams to drive timely remediation • Monitor runtime and infrastructure telemetry (e.g., Datadog) for security signals; investigate alerts and lead containment and follow-up actions • Track and report on vulnerability SLAs, mean-time-to-remediate, and other security KPIs to leadership • Enhance the security posture of our Microsoft Azure environment including identity, networking, data, and workloads through configuration hardening, policy enforcement, and continuous monitoring • Administer and improve Microsoft Intune for endpoint configuration, compliance, and mobile device management • Tune and maintain Microsoft Defender (Endpoint, Cloud, and related products) for threat detection, response, and reporting • Implement and operate Microsoft Purview controls for data classification, DLP, and information protection • Draft, update, and maintain corporate information security policies, standards, and procedures aligned to recognized frameworks (e.g., SOC 2, ISO 27001, NIST CSF) • Lead the response to customer and prospect security questionnaires, RFPs, and due-diligence requests, and maintain a reusable response library • Support vendor risk assessments and third-party security reviews • Assist with internal and external audits, evidence collection, and remediation of findings • Partner with Engineering on secure SDLC practices, threat modeling, and code review guidance • Contribute to security awareness training, phishing simulations, and a strong security culture across the company • Help mature incident response playbooks and participate in tabletop exercises and on-call rotations as needed

• Review and refine AI-generated outputs related to security architecture, cyber risk assessments, mitigation strategies, and practical aspects of security design • Evaluate AI responses for accuracy, practicality, and compliance with real-world security requirements • Draft realistic security architecture scenarios based on your direct professional experience • Create scenario variations from different perspectives (e.g. security architect, client, IT leader, or regulator) • Identify gaps, oversights, or weak reasoning in AI-generated security content