ARIVE

• Lead and evolve ARIVE’s security and infrastructure strategy, roadmap, and posture. • Lead, manage, and develop the existing security and infrastructure teams; serve as the executive-level decision maker on all security, infrastructure, and IT matters. • Partner across all teams to embed security into workflows and practices, champion secure-by-design standards, and assess emerging AI-driven threats and opportunities across the security landscape. • Lead the security of ARIVE’s core platform — ensuring protection of PII, mortgage data, and financial information at rest and in transit. • Govern application security standards including secure code reviews, SAST/DAST, API security, and penetration testing programs. • Govern authentication, authorization, and access control frameworks across all customer-facing and internal applications. • Drive threat modeling and security reviews for new features, integrations, and third-party connections. • Run a 24x7 security incident monitoring program across all platform, cloud, and endpoint environments. • Mature the SIEM/SOAR program, lead incident response across all severity levels, and drive automation to improve MTTD/MTTR. • Manage regular penetration tests, vulnerability assessments, and red-team engagements; track findings to closure. • Run and continuously improve ARIVE’s AWS cloud infrastructure, CI/CD pipelines, container orchestration, secrets management, and deployment automation across U.S. and India teams. • Govern environment segregation, access controls, promotion workflows, and platform reliability. • Define strategy to implement endpoint device and application protection enforcement, DLP, and enterprise security tooling standards across the organization. • Drive vulnerability scanning programs; maintain risk registers and remediation SLAs. • Run IT operations including identity/access management and internal tooling across U.S. and India. • Manage IT asset protection and lifecycle programs — procurement through secure disposal. • Partner with the Director of Compliance to execute SOC 2 controls implementation and support audit readiness. • Ensure GLBA and state privacy law adherence; lead vendor/third-party risk assessments and BC/DR planning. • Define scalable IT policies, standards, and onboarding/offboarding workflows in collaboration with HR, Finance, and Operations.