• Design, implement, and enhance Azure DevOps platform capabilities, including reusable CI/CD templates, pipeline standards, and developer enablement tooling • Build and optimize secure CI/CD pipelines supporting multiple product lines, integrating security scanning, secrets management, artifact validation, and policy enforcement • Build and support scalable development and QA environments, improving provisioning, configuration management, and deployment automation • Implement and maintain infrastructure-as-code solutions using Terraform, Ansible, and PowerShell across Azure cloud environments • Partner with Product Security and Infrastructure teams to embed secure-by-design principles into SDLC workflows and support vulnerability remediation initiatives • Monitor CI/CD platform health and troubleshoot pipeline failures, deployment issues, and environment-related problems • Mentor junior engineers and promote DevSecOps best practices across Engineering, QA, Security, and Infrastructure teams

• Lead the transformation of the GSOC into a high-performing managed service by embedding lean principles, KPIs, and process controls. • Develop and execute a GSOC operational excellence roadmap aligned with enterprise risk and resilience priorities. • Drive the implementation of standardized global SOPs supported by a metrics-driven approach and real-time monitoring capabilities. • Champion the adoption of automation, AI/ML-driven analytics, and integrated physical-cyber threat intelligence. • Act as a change agent, creating a culture that embraces innovation, continuous improvement, technological advancement, and operational agility.

• Collaborate with a global team of engineers to monitor and respond to security events • Lead security incidents as Incident Commander • Lead digital forensic investigations in support of Employee Relations, Legal, Compliance, or Information Security cases • Create and maintain runbooks and automated workflows • Assist in process refinement and implementation • Collaborate with a diverse team of analysts, engineers, and key stakeholders on security initiatives across the company

Title: Information Security Operations Analyst Location: Lansing, MI Job Description: SUMMARY The Information Security Operations Analyst supports the mission of the Information Security Team to protect the confidentiality of Peckham’s proprietary, customer, and employee information while defending technology systems against cyber threats to ensure the continuity of Peckham’s business operations. The Security Operations Analyst plays an important role in monitoring for and responding to cyber threats by reviewing security information and event monitoring tools during their daily shift and after-hours in responding to high-priority threats escalated to the Information Security Team by Peckham’s managed threat detection and response partners. The Security Operations Analyst role is a hybrid of work-from-home (about 75%) and work from the Peckham Headquarters in Lansing Michigan (about 25%). MAIN DUTIES AND RESPONSIBILITIES - On a constant, daily basis throughout their scheduled shift, review Microsoft Defender and Microsoft Sentinel tools for potential cyber threats like malware infections, phishing attempts, and unauthorized access. - Document suspected threats within incident handling logs, triage the threat, report the threat to the Senior Security Operations Analyst or the Director of Information Security, and investigate the threat as directed. - On nights and weekends, respond to high priority threats escalated to the Information Security Team by Peckham’s managed threat detection and response partner, Critical Start. These incidents average 1-2 per week. - As guided by the Director of Information Security, assist the Senior Security Operations Analyst with using Tenable and other tools to identify new software and hardware vulnerabilities affecting Peckham’s information systems, prioritize the vulnerabilities, and report them to the appropriate remediation team(s). - Track remediation progress and report status to the Director of Information Security. - As needed, assist the Senior Security Operations Analyst with open incident investigations and response actions. - In the absence of the Senior Security Operations Analyst, assume primary responsibility for cyber threat detection and response activities. - As requested by and under the guidance of the Director of Information Security, the Security Operations Analyst will perform various tasks associated with the implementation of information security-related projects. - Continuously gather threat intelligence via multiple sources like email lists and social media to stay aware of threats and risks to Peckham. - Utilizing training opportunities provided by Peckham, commit to continuous improvement of cybersecurity skills through training and certification. OTHER DUTIES AND RESPONSIBILITIES - Maintain a safe and clean work environment. - Promote Peckham’s vision values and services to all customers and stakeholders. - Assist in maintaining organizational wide quality standards. - Other duties as assigned. SUPERVISORY RESPONSIBILITIES - This position does not have direct supervisory responsibility. MINIMUM QUALIFICATIONS - 1-2 years of experience working in a security operations center or similar environment triaging cybersecurity incidents. - Microsoft Certified: Security Operations Analyst Associate certification, the CompTIA CySA+, the GIAC SOC, or an equivalent certification or experience. - Ability to understand and practice the CIA Triad of Confidentiality, Integrity, and Availability in all aspects of their job duties. - Ability to install software and maintain and secure their own computing devices and tools. - familiar with the Microsoft Windows family of operating systems and at least one Linux or Unix distribution (Ubuntu, Kali, macOS, etc.). - Experience with capturing and analyzing network packets. - Strong understanding of modern networking and the Open Systems Interconnect model and 5-tuple. - Must possess strong documentation skills for the purposes of forensic analysis. - Ability to work under pressure and quickly handle multiple security incidents simultaneously. - Must be detail oriented and thorough. - Ability to compartmentalize sensitive information and employ the philosophy of need-to-know in all communications and disclosures. - Ability to work independently and with minimal supervision within their assigned job duties without affecting quality, thoroughness, or timeliness. - Must be flexible and adapt to changing conditions and multiple priorities on a regular basis. PREFERRED QUALIFICATIONS - Experience with Microsoft security solutions like Defender XDR, Sentinel, and Intune are preferred. - Experience with Tenable One Exposure Management Platform or Nessus Vulnerability Scanner is a plus. - Experience with securing cloud environments like Microsoft 365, Microsoft Azure, and Amazon Web Services is a plus. PHYSICAL DEMANDS The physical demands of this position may be reasonably accommodated for individuals with disabilities on a case-by-case basis. PECKHAM IS AN EQUAL OPPORTUNITY EMPLOYER EEO/AA Employer/Vet/Disabled. Peckham provides equal opportunities and does not unlawfully discriminate on the basis of race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability, genetic information, height, weight, marital status, veteran status, or any other protected characteristic protected by applicable federal, state, or local law.