Job Description

Responsibilities

• Enterprise Security Architecture & Strategy:
• -Acquire a thorough understanding of the organization's IT and information systems landscape
• -Lead security solutioning and design for enterprise IT systems, identifying gaps in existing security architecture and recommending changes or enhancements
• -Document and establish enterprise security architecture to improve the security posture of Windows, macOS, and mobile environments
• -Collaborate with application and infrastructure owners to define integration initiatives across all externally and internally-facing applications and systems
• -Plan architectural improvements and provide guidance to support developers, engineers, and analysts
• -Apply risk-based thinking to enable teams to make informed security decisions and prioritize effectively
 
• Identity & Access Management:
• -Ongoing support of IAM technologies, including single sign-on, multi-factor authentication, and user lifecycle management
• -Manage user account lifecycle end-to-end: provisioning, securing, access reviews, and deactivation in accordance with least-privilege principles
• -Implement and manage role-based access control (RBAC) strategies and integrations across enterprise applications
• -Conduct regular access reviews and certification campaigns to ensure compliance
• -Implement and manage privileged access management (PAM) solutions for administrative and service accounts
 
• Endpoint Security:
• -Deploy and maintain endpoint security tooling including mobile device management (MDM) and endpoint detection and response (EDR) capabilities
• -Administer productivity suite security configurations including data loss prevention, access controls, and email security policies
 
• Cloud & AWS Security:
• -Secure cloud infrastructure services including IAM policies, security groups, VPCs, and network access controls
• -Implement cloud security best practices around logging, monitoring, and alerting (e.g., CloudTrail, GuardDuty, Security Hub)
• -Enforce least-privilege access principles across cloud environments and review permissions regularly
• -Support cloud workload protection, encryption key management, and secure configuration baselines

Requirements:

• 5+ years of experience in enterprise security (Infrastructure/Endpoints)
• 3+ years of experience in AWS/Cloud Security Roles
• Experience with enterprise applications (architecture, development, support, and troubleshooting)
• Hands-on experience with IAM administration and SAML/OIDC integrations
• Familiarity with Google Workspace administration and security features
• Knowledge of Windows, MacOS and Linux Systems (System Administration/Security Hardening)
• Experience with PAM solutions
• Experience with MDM platforms

Nice to haves:

• Proficiency in scripting and automation languages (Bash, PowerShell, Python)
• Experience with Identity Governance and Administration (IGA) platforms
• Knowledge of Zero Trust architecture principles
• SCIM provisioning and automation experience
• Experience with conditional access policies and risk-based authentication
• Experience with web3 and blockchain technologies
• Relevant certifications: CISSP, CEH, AWS Certified Security Specialty, or equivalent