Soteria - Security Solutions & Advisory

• Perform control gap assessments to help organizations understand where gaps exist within client security programs. • Provide project management tasks to ensure assessment delivery is on time and meets the client’s needs. • Identify gaps in desired control implements and determine appropriate recommendations for clients based on identified regulatory framework and desired controls. • Review information system security controls and evaluate efficacy. • Perform detailed audit-like assessments according to cybersecurity-related frameworks. • Analyze documentation and evidence provided to verify adherence to prescribed cybersecurity-related frameworks. • Develop and review policies, procedures, and other related documentation to ensure compliance with control frameworks. • Write clear and well-structured reporting to detail observations and strategic recommendations, at an appropriate level for the intended audience. • Identify cybersecurity-related regulatory requirements (e.g., PCI-DSS, HIPAA, CCPA, GDPR, NYDFS) as well as gaps in compliance, and develop strategic plans to achieve and maintain compliance. • Work closely with clients and the Soteria team to develop remediation plans to ensure clients achieve their desired outcomes. • Document and present findings and recommendations to clients, including C-Suite and board-level executives, in a professional manner. • Support project team with quality assurance review of deliverables. • Maintain relationships with clients post-assessment in order to assist and advise as they continue to build and improve their security. • Maintain competence in security trends, technologies, and practices through self-study and attendance of industry events. • Conduct interviews with clients and the Soteria team to evaluate a client’s IT environment and security practices. • Assess and research common business platforms and technologies to deliver recommendations for secure configurations. • Maintain integrity and confidentiality for sensitive client information.

• Execute cybersecurity control assessments against a defined subset of key controls aligned to established frameworks (NIST SP 800-53 Rev. 5) • Assess control implementation status using standardized criteria and validation methodologies (NIST SP 800-53A Rev. 5) • Test information systems using documentation review, system walk-throughs, and stakeholder interviews to assess the design and operating effectiveness of NIST SP 800-53 Rev. 5 security controls • Apply consistent judgment to determine evidence sufficiency and appropriateness • Maintain organized evidence repositories using secure collaboration platforms • Draft standardized assessment narratives and findings • Contribute to assessment workbooks, reports, and presentations using approved templates and language standards • Adhere strictly to defined assessment methodologies, scope boundaries, and validation standards • Ensure assessments are executed consistently across multiple clients to support trend analysis and benchmarking • Support quality assurance reviews by addressing feedback and ensuring accuracy and clarity of deliverables • Escalate ambiguities, inconsistencies, or control interpretation questions to senior team members • Participate in client interviews and working sessions in a professional, structured manner • Communicate assessment expectations and evidence needs clearly to stakeholders • Collaborate effectively with Lead Assessors and peers to meet delivery timelines

The Sales Operations Analyst (SOA) plays a critical role in ensuring the sales organization operates efficiently and on schedule. This position is responsible for proactively supporting client needs, coordinating scopes of work, managing contract renewals, and organizing meeting schedules. The SOA enables the Sales team to focus on securing and growing client relationships by providing operational excellence and consistent support. This role requires a highly detail-oriented, service-driven professional who thrives in a collaborative team environment and can effectively manage multiple priorities. As a key contributor, the SOA ensures exceptional client experiences from the initial sales engagement through project completion. Success in this role is measured by timely and proactive client communication, successful execution of scopes of work and renewals, and strong alignment with company values and culture. The impact of this role extends across the organization, enhancing overall operational effectiveness. This position offers career growth opportunities into roles such as Account Executive, Account Manager, or Sales Operations Team Lead. Core Responsibilities - Execute internal sales operations processes and procedures with efficiency and accuracy - Evaluate existing processes and identify opportunities for improvement, optimization, or automation - Deliver timely reports and insights to Soteria leadership, clients, and partners - Maintain documentation, templates, and product definitions to support workflows and automation - Create and deliver scopes of work as directed or requested by clients and Sales staff - Coordinate with internal teams and technology partners to align solutions with customer needs - Gather and communicate competitive intelligence and client feedback to inform product enhancements - Maintain and update CRM systems with accurate pipeline, activity, and opportunity data Required Qualifications - U.S.-based and authorized to work in the United States - Minimum of 2 years of experience in Sales Operations, Business Analysis, Sales Development, or a related role - Experience within cybersecurity or IT partner/channel ecosystems preferred - Strong collaboration skills with the ability to thrive in a team-oriented environment - Excellent written and verbal communication skills - Ability to work remotely with professionalism, reliability, and a productive home office setup - Strong attention to detail with the ability to manage multiple tasks and ensure follow-through - Proficiency with modern office tools and systems Preferred Skills & Attributes - High-energy, results-driven, and team-oriented mindset - Positive, proactive, and solution-focused attitude - Creative and adaptable with a passion for process improvement - Strong interest in building client and partner relationships - Commitment to continuous learning and professional growth - Experience with tools such as Salesforce, Asana, Slack, Google Workspace, Canva, or similar platforms You May Be a Great Fit If You: - A challenge energizes and motivates you - You naturally identify and act on opportunities to improve, enhance, and automate systems and processes. - Think logically and communicate your reasoning clearly - Enjoy working with process flows, documentation, and structured systems - Are driven by performance-based growth and career advancement opportunities - Thrive in a collaborative environment and elevate those around you Working Environment This is a fully remote position with occasional travel required for client meetings or company events. Candidates must have reliable internet access and a dedicated workspace. All necessary hardware will be provided.

• Lead and perform Trusted Advisory and vCISO engagements to help organizations stand up or improve their security programs. • Lead and perform security assessments to help organizations understand where gaps exist within their security programs and develop recommendations for remediation. • Lead and participate in Advisory client projects to include client onboarding, documentation review, client interviews, presentation of findings, and report development and delivery. • Work closely with clients and the Soteria team to develop deliverables to include, but not limited to: executive summary reports detailed findings and recommendations reports presentation slide decks plans of action and milestones policy and procedure development ad-hoc written reports • Lead and coordinate with the Advisory team members to achieve excellence in the various business areas of Trusted Advisory and vCISO, Risk/Gap Assessments, Incident Response Readiness, Table Top Exercises, Business Continuity and Disaster Recovery Plans and Policy development. • Conduct presentations for various types of stakeholders to include technical staff, support staff, executive team, and board of directors. • Tailor communications to the client’s level of expertise, providing education and information to help them understand the bigger picture and make educated decisions. • Communicate with prospective and existing clients to understand their security needs and develop engagement plans to satisfy their requirements, focused on the information security aspects of the client's infrastructure. • Research cybersecurity topics and provide commentary for clients. • Participate with and support other Soteria business areas when needed. • Build and maintain close relationships with Soteria’s clients and help them understand the full scope of information available to make informed decisions about their security program. • Advocate for the client’s well-being, provide expert security advice, and rally internal Soteria resources for the benefit of the client. • Maintain updated client profile and pertinent information in internal operational support systems. • Maintain integrity and confidentiality for sensitive client information. • Partner with Soteria’s leadership team, service line leaders, and other Advisory members to improve service offerings. • Train and mentor other employees in order to build the company's overall capacity and capability. • Drive innovation by participating and working with cross-functional teams and stakeholders for the development of new product offerings, roadmaps, capabilities, and services, providing key inputs to operational delivery requirements and support models. • Assist with advancing the maturation of our existing services by identifying and directly contributing to the creation and management of support processes, knowledge base articles, playbooks, and other documentation management as needed.

• Lead and execute cybersecurity control assessments against a defined subset of key controls aligned to established frameworks (NIST SP 800-53 Rev. 5). • Assess control implementation status using standardized criteria and validation methodologies. (NIST SP 800-53A Rev. 5). • Test information systems using documentation review, system walk-throughs, and stakeholder interviews to assess the design and operating effectiveness of NIST SP 800-53 Rev. 5 security controls. • Apply consistent judgment to determine evidence sufficiency and appropriateness. • Lead planning, kickoff, execution coordination, and closeout activities for assigned assessment engagements. • Coordinate assessment activities and task assignments across Control Assessors to meet delivery timelines. • Serve as the primary point of contact for client stakeholders during assessment engagements. • Review and approve assessment narratives, findings, and control determinations prior to quality assurance submission. • Ensure assessments are executed consistently across multiple clients to support trend analysis and benchmarking. • Enforce adherence to defined assessment methodologies, scope boundaries, and validation standards. • Support quality assurance reviews by addressing feedback and ensuring accuracy, clarity, and consistency of deliverables. • Lead and participate in client interviews, system walkthroughs, and working sessions in a professional, structured manner. • Clearly communicate assessment scope, expectations, and evidence requirements to stakeholders. • Present assessment results, key findings, and risk implications to executive leadership and board-level stakeholders in a clear, concise, and professional manner. • Mentor and guide Control Assessors on assessment techniques, documentation standards, and professional judgment. • Escalate risks, issues, or control interpretation questions to program leadership as appropriate.