Cyber solutions that move you forward, faster.
Senior Consultant, AI Application Security
Location
United Kingdom
Posted
3 days ago
Salary
£65K - £134K / year
Seniority
Senior
Job Description
Coalfire
- Working independently and collaboratively with a team to both lead and support
- Perform penetration testing on applications with complex technology stacks from both a blackbox and whitebox perspective.
- Dynamically flex your skills when assessing emerging or custom technologies.
- Contextualize vulnerabilities and assess realistic impact to a client, accounting for mitigating and aggravating factors.
- Manage priorities and tasks to achieve utilization targets.
- Operate with professionalism both internally and with clients.
- Ensure quality reports and services are delivered efficiently and on time.
- Maintain strong depth of knowledge in the practice area.
- Collaborate with project managers, quality management, sales and other delivery team members to drive customer satisfaction and meet project deliverables.
Job Requirements
- Application penetration testing and assessment tradecraft and methodologies (including browser-based, API, and AI penetration testing)
- Working knowledge of at least two programming or scripting languages
- Strong understanding of security principles and industry best practices.
- Minimum of 4 years’ experience in a consulting/professional services role
- Minimum of 4 years’ experience in Application Security and/or Software Development
- Strong consulting skills including:
  - Time management, performing adjacent tasks while ensuring on-time delivery, escalating issues as needed
  - Verbal communication, leading client calls for project kickoffs and debrief
  - Written communication
  - Report writing, for both executive audiences and technical staff
- Required proficiency in:
  - Web Application Penetration Testing
  - AI Penetration Testing
- Strong overall technical skills, with additional strong expertise in at least one of the following preferred:
  - Mobile Application Penetration Testing
  - Thick Application Penetration Testing
  - Hardware Penetration Testing
  - Secure Code Review
  - Container Penetration Testing
  - Cloud Penetration Testing
  - Network Active Directory Penetration Testing
Benefits
- paid parental leave
- flexible time off
- certification and training reimbursement
- digital mental health and wellbeing support membership
- comprehensive insurance options



