IT Security Lead

About Appen
Appen is a leader in AI enablement for critical tasks such as model improvement, supervision, and evaluation. To do this we leverage our global crowd of over one million skilled contractors, speaking over 180 languages and dialects, representing 130 countries. In addition, we utilize the industry's most advanced AI-assisted data annotation platform to collect and label various types of data like images, text, speech, audio, and video.
Our data is crucial for building and continuously improving the world's most innovative artificial intelligence systems and Appen is already trusted by the world's largest technology companies. Now with the explosion of interest in generative AI, Appen is helping leaders in automotive, financial services, retail, healthcare, and governments the confidence to deploy world-class AI products.
At Appen, we are purpose driven. Our fundamental role in AI is to ensure all models are helpful, honest, and harmless, so we firmly believe in unlocking the power of AI to build a better world. We have a learn-it-all culture that values perspective, growth, and innovation. We are customer-obsessed, action-oriented, and celebrate winning together.
At Appen, we are committed to creating an inclusive and diverse workplace. We are an equal opportunity employer that does not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Key Responsibilities:

• Microsoft Security Solutions Implementation: 
• Deploy, configure, and maintain Microsoft security solutions, including but not limited to Microsoft Defender for Endpoint, Microsoft Sentinel, Microsoft Purview for DLP and Microsoft Cloud App Security. 
• Implement security policies and controls within Microsoft 365 and Azure environments. 
• SIEM Implementation and Configuration: 
• Deploy, configure, and maintain the organization's SIEM solution. 
• Customize SIEM rules, filters, and dashboards to align with security requirements. 
• Manage the collection, normalization, and analysis of security log data from various sources. 
• Integrate threat intelligence feeds into the SIEM platform to enhance threat detection capabilities. 
• Threat Detection and Response: 
• Monitor and analyze security alerts to identify and respond to potential security incidents. 
• Carry out regular tests to simulate attacks so they can identify areas where the company is vulnerable and ways in which its systems might be exploited by hackers and viruses. 
• Conduct investigations into security events, collaborating with incident response teams to mitigate and remediate threats. 
• DLP Solution Implementation: 
• Deploy, configure, and maintain Data Loss Prevention solutions to protect sensitive data across the organization's networks, endpoints, and cloud environments. 
• Develop and implement DLP policies tailored to the organization's data protection requirements. 
• Monitor DLP alerts and incidents, and lead investigations into potential data breaches or policy violations. 
• Ensure proper configuration and enforcement of access controls and identity policies. 
• Vulnerability Scanning and Assessment: 
• Conduct regular vulnerability scans across the organization's IT infrastructure, including networks, systems, and applications. 
• Analyze scan results to identify and prioritize vulnerabilities based on risk and potential impact. 
• Develop and implement a comprehensive patch management strategy to address identified vulnerabilities. 
• Coordinate with IT teams to ensure timely application of patches and updates. 
• Security Awareness and Phishing: 
• Develop and deliver security awareness programs for employees, educating them on Microsoft-specific security best practices. 
• Design phishing scenarios that mimic real-world threats and stay abreast of emerging tactics. 
• Security Reporting: 
• Design, develop, and maintain security reports and dashboards to provide timely and accurate information on key security metrics. 
• Create custom reports tailored to meet the specific needs of different stakeholders within the organization. 
• Generate reports to demonstrate compliance with industry regulations, standards, and internal security policies. 
• Establish and maintain a regular reporting cadence to keep stakeholders informed about the organization's security status. 

Qualifications:

• A bachelor’s degree in a relevant field of study, preferred (ie: Computer Science). 
• A minimum of 10 years of IT experience, with 6 years hands on in an information security role  
• Preferred industry qualifications – CISSP, CompTIA Security+  
• Training or Certifications from ISACA or ISC2 (good to have) – CISM/ CRISC/CISA / CCSP  
• Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies. 
• Strong communication and interpersonal abilities.  
• Ability to stay current with industry trends and emerging technologies. 

Appen is the global leader in data for the AI Lifecycle with more than 25 years’ experience in data sourcing, annotation, and model evaluation. Through our expertise, platform, and global crowd, we enable organizations to launch the world’s most innovative artificial intelligence products with speed and at scale. Appen maintains the industry’s most advanced AI-assisted data annotation platform and boasts a global crowd of more than 1 million contributors worldwide, speaking more than 235 languages. Our products and services make Appen a trusted partner to leaders in technology, automotive, finance, retail, healthcare, and government. Appen has customers and offices globally.