• The Senior Corporate Security Engineer role is responsible for designing, building and operating the technical security systems and controls that protect Charlie Health’s corporate environment, workforce systems, endpoints, SaaS platforms, cloud-connected services and internal operations. • Engineer scalable security solutions for identity, endpoints, SaaS platforms, cloud-connected services, collaboration tools and internal systems • Partner with IT Engineering to embed secure-by-design practices into enterprise systems, integrations and infrastructure • Establish control patterns that improve security posture, operational efficiency, auditability and resilience • Design and improve identity and access controls across workforce systems, SaaS applications and privileged access workflows • Implement and mature controls for MFA, conditional access, device trust, role-based access, least privilege, service accounts and lifecycle automation • Help advance Charlie Health’s Zero Trust strategy through identity-centric control design, continuous verification and measurable trust signals • Engineer and improve security controls across Mac, Windows, mobile and BYOD environments • Support investigation and response for identity, endpoint, SaaS, email, cloud, data exposure and corporate security events

• Network security engineer for operational support • Help take the security to the next level in a proactive stance • Work on federal IT infrastructure • Collaborate with identity, cybersecurity, and network operations teams

• Provides technical leadership and is responsible for determining the direction for the IT architecture, standards, design and implementation approaches for the company’s application systems • Creates, evaluates and implements plans and design proposals for high impact IT solutions • Lead security architecture, design and management oversight of endpoints and servers • Lead security projects by designing, researching, proposing and implementation of new endpoint and server security controls • Provide endpoint and server security consultation and oversight for customer connections and/or merger and acquisitions • Conduct security architecture reviews of existing and proposed systems, identifying vulnerabilities and recommending appropriate controls and mitigation strategies

• Write security control implementation statements, specifically documenting Microsoft 365 implementation. • Perform security scans, review scan results, and provide application architecture consultation. • Protect the organization's information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording and destruction. • Manage security initiatives for cloud-based environments, with a strong emphasis on Microsoft Azure, O365, and Intune. • Conduct and maintain vulnerability scanning on networks; systems and applications. • Produce actionable; risk-based reports on security assessment results. • Assist with vulnerability remediation when necessary. • Continuously improve risk models; metrics; reports; processes; and activities. • Provide information security solutions compliant with the Risk Management Framework (RMF). • Collaborate with the customer security organization to ensure RMF processes are followed, policy is translated to operational procedures, proper tools are leveraged and verification that security policy and procedures are enforced.