Vultr

• Own the annual budgeting, quarterly forecasting, and long-range planning processes for Vultr's cloud compute, GPU, and other product lines • Build and maintain sophisticated financial models for SaaS and GPUaaS revenue streams, including ARR, MRR, churn, utilization rates, and unit economics • Partner with Product, Engineering, Procurement, Sales, and Marketing teams to develop financial business cases, pricing analyses, and go-to-market investment strategies • Deliver monthly and quarterly management reporting packages with variance analysis, KPI dashboards, and executive-level commentary on financial performance • Analyze GPU infrastructure utilization, capacity costs, and gross margin dynamics to support pricing and capacity planning decisions for Vultr’s GPUaaS offerings • Model and forecast the financial performance and capital structure, including the use of SPVs and debt financing, for large-scale AI/GPU infrastructure investment deals. • Conduct competitive benchmarking and market analysis to contextualize Vultr's financial performance within the broader cloud infrastructure landscape • Support strategic initiatives including fundraising, M&A due diligence, and board-level financial presentations with rigorous financial analysis and modeling • Identify opportunities to improve financial processes, reporting automation, and data infrastructure to increase the efficiency and accuracy of FP&A operations • Adaptability and flexibility in use of different AI related technologies, such as Gemini and Claude

• Own the daily helpdesk ticket queue, triaging and resolving issues across hardware, software, and access requests within established SLAs • Troubleshoot endpoint issues on macOS and Windows devices for fully remote employees, escalating complex problems to senior IT staff when appropriate • Administer core SaaS platforms (Google Workspace, Slack, Zoom, and similar tools), including user provisioning, license management, and group permissions • Manage employee onboarding and offboarding end-to-end, including hardware shipping, account creation, access provisioning, and timely deprovisioning • Configure and maintain endpoints through MDM platforms (Intune, or equivalent), ensuring devices remain compliant with security policies • Support identity and access management workflows in Okta (or equivalent SSO/IdP), including SSO integrations, MFA enforcement, and group-based access • Maintain an accurate hardware and software asset inventory, tracking devices throughout their lifecycle from procurement to retirement • Develop clear documentation, runbooks, and self-service resources that empower employees and reduce repeat tickets • Engage with employees through chat, video, and ticketing channels to deliver a responsive, white-glove support experience across multiple time zones • Partner with Security, People Operations, and senior IT teammates on larger initiatives, audits, and tooling rollouts

• Serve as strategic owner and administrator of Ashby ATS, including workflows, reporting, automations, integrations, and process governance • Build and maintain executive recruiting dashboards, funnel analytics, capacity planning models, and operational reporting • Partner with Talent Acquisition leadership to design scalable recruiting processes supporting rapid organizational growth • Analyze funnel conversion, sourcing effectiveness, recruiter productivity, pipeline health, and hiring bottlenecks to identify and implement operational improvements • Develop and maintain recruiting SLAs, process documentation, reporting standards, and operational best practices • Identify opportunities to improve recruiter efficiency, interview process effectiveness, and hiring manager experience • Ensure recruiting data integrity, source attribution accuracy, and stage consistency across all recruiting workflows • Support workforce planning and recruiting capacity forecasting • Improve operational efficiency across candidate experience, interview workflows, scheduling processes, and reporting accuracy • Partner cross-functionally with HR, People Operations, Finance, and business leaders on hiring operations initiatives and process improvements

• Lead and develop a distributed team of 8+ engineers across Identity Management, Payments & Billing, and Internal Admin Platform; spanning junior to senior-level talent • Drive engineering execution: sprint planning, technical prioritization, and delivery across multiple concurrent workstreams • Engage deeply with the PHP monolith; code reviewing, architectural decision-making, and guiding incremental modernization without disrupting production systems • Build and maintain a high-performance team culture through 1:1s, career development, and structured feedback loops • Partner closely with product, design, and adjacent engineering leadership to align on roadmap priorities and technical strategy • Develop team processes that balance velocity, quality, and operational stability at scale • Own hiring and headcount planning for your teams, including defining roles and evaluating candidates • Perform technical risk assessments and guide teams through complex system changes; including IAM/SCIM integrations, billing infrastructure, and account lifecycle work

• Design and build reliable, well-documented RESTful APIs consumed by internal teams and external customers at scale • Navigate and extend a large, mature PHP monolith… understanding existing patterns, respecting stability, and improving incrementally • Identify and address technical debt in a principled way, balancing immediate delivery needs with long-term maintainability • Integrate and maintain third-party SDKs and external services, ensuring reliability, error handling, and graceful degradation • Write clean, testable code that meets and elevates team coding standards… leaving every surface better than you found it • Collaborate closely with engineering peers and leads to review code, share context, and raise the technical bar across the team • Debug and resolve production issues across a complex, interconnected system… quickly, thoroughly, and with clear communication • Contribute to architectural discussions and help evaluate technical tradeoffs as systems evolve

• Serve as the senior security advisor during complex customer sales engagements, supporting Sales and Business Development teams throughout the deal lifecycle and to internal stakeholders. • Lead security discussions with customers, articulating the design and security advantages of the Vultr platform, including hypervisor isolation, infrastructure protection, and network segmentation. • Support RFP, RFQ, and security due diligence responses by clearly demonstrating the technical superiority and security capabilities of the Vultr platform and completing customer questionnaires or other documentation accordingly.. • Address advanced technical security questions and objections that exceed the scope of traditional Sales Engineering teams. • Communicate the Vultr Security Stack, including compute isolation, infrastructure security controls, network architecture, and platform resilience. • Conduct customer security control mapping to security frameworks and privacy regulations. • Provide deep technical validation for enterprise customers, ensuring security architecture requirements are met during procurement and technical evaluation phases. • Assist Sales teams in accelerating deal closure by removing technical blockers and providing authoritative security guidance. • Present security architecture briefings and technical workshops to customers, partners, and executive stakeholders. • Collaborate with Engineering and Infrastructure teams to ensure customer security requirements are accurately represented and supported. • Assist in the development of security documentation, reference architectures, and technical collateral supporting customer trust and regulatory compliance. • Participate in security reviews and proof-of-concept evaluations for strategic customer deployments. • Provide subject matter expertise on GPU-based compute infrastructure, high-performance cloud computing, and secure sovereign cloud deployments. • Act as a trusted advisor to customer, security teams, and technical leadership during the evaluation and procurement process. • Collaborate with internal teams including Sales, Product, Infrastructure, Engineering, Security, and senior leadership to ensure consistent messaging and technical alignment. • Contribute to the development of security positioning strategies for regulated industries, including government, healthcare, and financial services.

• Lead and grow a high-performing team of storage engineers and operators across multiple regions • Own the technical delivery for Vultr's block, object, and file storage products across all performance tiers • Drive architecture decisions for multi-tenant, multi-tier storage platforms serving diverse workload profiles • Ensure five-nines availability, durability, and performance SLAs across the global storage fleet • Integrate and operationalize third-party storage solutions as needed • Optimize storage systems for AI and HPC workloads requiring extreme throughput and low latency • Collaborate with product, infrastructure, and customer success teams to define storage offerings and SLAs • Manage capacity planning, cost optimization, and vendor relationships across the storage stack

• Conduct in-depth technical security assessments of new and existing vendors using standardized questionnaires (SIG, CAIQ, custom frameworks). • Validate that vendor-submitted controls align with industry standards including NIST CSF, ISO 27001, SOC 2, CIS Controls, and applicable regulations (GDPR, DORA, HIPAA, PCI-DSS). • Review evidence packages including penetration test reports, vulnerability scans, audit logs, and attestations. • Assess network architecture, encryption standards, access controls, patch management practices, and identity management implementations. • Operate and interpret third-party security rating platforms (e.g., ArgosRisk, DocuBark, etc.) to track changes in vendor risk posture. • Monitor vendors attack surfaces for newly exposed assets, misconfigurations, and known vulnerabilities (CVEs/zero-days). • Configure and manage automated alerts for changes in vendor security ratings, breach disclosures, or threat intelligence signals. • Perform periodic reassessments on a cadence aligned to vendor risk tier (Tier 1: quarterly, Tier 2: semi-annual, Tier 3: annual). • Collect, review, and validate supporting evidence for vendor control claims. • Analyze SOC 1 / SOC 2 Type II reports, noting exceptions, qualified opinions, and control gaps. • Verify currency and scope of ISO 27001, PCI-DSS, HIPAA, and other certifications. • Maintain audit-ready documentation for each vendor within the GRC platform. • Monitor vendor breach disclosures and assess organizational impact from third-party security incidents. • Coordinate with internal Incident Response (IR) and Security Operations Center (SOC) teams when a vendor is compromised. • Track open findings, remediation commitments, and validate closure through re-assessment. • Escalate unresolved high-severity findings to risk owners and senior management. • Assign, maintain, and update technical risk scores for each vendor based on assessment findings and monitoring signals. • Weight risk findings by vendor criticality — factoring in data sensitivity, operational dependency, and regulatory exposure. • Contribute technical risk inputs to overall vendor risk ratings within the GRC/TPRM platform. • Produce executive-ready dashboards, risk summaries, and periodic reports for senior leadership and risk committees. • Identify and map key sub-processors and technology dependencies for critical vendors. • Assess concentration risk — flagging cases where multiple vendors rely on the same cloud provider, data center, or software stack. • Require vendors to notify of material sub-processor changes and reassess impacted risk profiles accordingly. • Issue formal technical findings report to vendors with clear, prioritized remediation guidance. • Define remediation timelines, escalation thresholds, and acceptable compensating controls. • Validate remediation effectiveness through follow-up evidence collection and re-testing. • Escalate non-compliant or unresponsive vendors to procurement, legal, or executive stakeholders. • Partner with Procurement, Legal, Compliance, and Business Owners on vendor onboarding and renewal decisions. • Translate complex technical findings into clear, business-oriented risk narratives for non-technical stakeholders. • Advice on security contract clauses, SLAs, right-to-audit provisions, and breach notification terms. • Support internal audit, regulatory exams, and external assessments requiring third-party risk evidence. • Continuously refine assessment questionnaires, technical benchmarks, and monitoring playbooks. • Stay current on emerging threats, regulatory changes, and evolving industry standards relevant to vendor risk. • Contribute to the development and refinement of vendor tiering models and organizational risk appetite definitions. • Evaluate and recommend new tools or capabilities to strengthen the TPRM monitoring program.

• Team Leadership: Manage and mentor a team of skilled analysts, overseeing performance, career development, and daily operational priorities. • Remediation Leadership: Partner with internal stakeholders to drive completion on complex remediation efforts, negotiate priorities and timelines, escalate blocked remediations, and maintain a risk-based approach to remediation prioritization. • Continuous Improvement: Identify opportunities for improvement, benchmark program maturity against industry frameworks, solicit feedback from internal stakeholders to improve remediation procedures, and incorporate lessons learned into policies and procedures. • Audit and Compliance Support: Serve as subject matter expert in internal and external audits, providing remediation evidence and policy attestations, and translate audit findings into actionable remediation plans. • Vulnerability Management Oversight: Serve as the primary vulnerability management authority during security incidents and security operational engagements.

• Conduct vendor Business Impact Analysis (BIA) and Data Privacy assessments. • Complete third-party risk assessments for all new vendors. • Ensure third-party risk assessments include an in-depth Business Impact Analysis (BIA) and Data Protection Impact Assessment (DPIA), supporting BCP/DR and Privacy programs. • Continually reevaluate vendors based on their criticality level to identify/document any changes that may impact on Constant’s risk exposure, data privacy, mitigation strategies, etc. • Coordinate the collection of required security assessment artifacts (e.g., audit reports, privacy policies, compliance documentation, incident response plan, disaster recovery/business continuity plans, etc.) from (new and existing) vendors periodically. • Prioritize assessments that require technical reviews/PoC to Security Engineering. • Prepare and monitor the status of each vendor risk assessment (software, data center, etc.) and communicate the status with key stakeholders regularly. • Update and document due diligence tracking with real-time status and escalate issues and concerns (e.g., oversight deficiencies, program concerns, and open risk items). • Own and update control evidence related to TPRM to ensure readiness for internal assessments and external audits. • Document program processes and procedures to ensure all updates to the TPRM program are captured and accessible to relevant parties. • Support the sales department in completing customer TPRM questionnaires and being the point of contact for security, governance and IT-related inquiries as needed. • Answering queries on global data privacy processing and protection requirements from internal stakeholders. • Escalating any potential data breaches for investigation and resolution. • Creating and maintaining documentation, privacy notices, privacy statements, SOPs, work instructions and guidance notes in cooperation with Legal, SecOps, GRC, Trust & Safety and other teams. • Assist in the continued development and maintenance of a comprehensive privacy program which minimizes risk and maintains the confidentiality of personal information of customers, employees and other applicable company data. • Preparing reports on regulatory compliance as needed.