Responsibilities:
• Conduct security design reviews and support the ongoing design of new infrastructure and endpoint solutions
• Identify technical control gaps, review security requirements, and provide remediation guidance
• Ensure the quality and consistency of security assessments across the organization
• Provide architectural and implementation guidance to developers and system owners to ensure adherence to security best practices
• Communicate technical control gaps and relevant attack scenarios to IT System Owners
• Articulate risks introduced by technical control gaps to Business Owners
• Collaborate with all Technology divisions, including cloud services, to perform security assessments across a diverse technology stack

Requirements:
• Expertise in infrastructure or application security
• Ability to explain common application vulnerabilities and remediation strategies to developers
• Ability to communicate technology risks from vulnerabilities to business stakeholders
• Experience with threat modeling
• Knowledge of secure network infrastructure design, including voice, data, switch, and software-based network controls
• Familiarity with enterprise desktop endpoint security, including Active Directory, Microsoft Intune, Endpoint Manager/SCCM, and Defender
• Knowledge of Microsoft Windows operating system security
• Ability to manage multiple projects simultaneously
• Strong written and verbal communication skills
• Eagerness to learn and stay updated on emerging technologies

Advantages:
• Experience with Microsoft SaaS suite architecture and configuration (Office 365, Power Platform)
• CISSP or equivalent security certification