• Oversee vendor onboarding, procurement workflows, and contract management • Ensure compliance with Third-Party Risk Management (TPRM) requirements • Support Physical Security, Security Engineering, Construction, and New Site Development teams • Collaborate closely with operations leadership, OEMs, vendors, and contractors to improve vendor experience • Resolve invoicing issues and facilitate vendor performance reviews • Drive operational efficiency and cost optimization

• Work in partnership with other FloQast IT teams to design, implement, and maintain corporate IT security systems, ensuring compliance • Lead third-party vendor and contractor security reviews • Audit and harden 3rd party SaaS systems for security best practices, leading remediation efforts • Ensuring security configurations across our corporate environment are documented and maintained • Regularly triage security events and ensure ongoing health of our Managed Detection & Response (MDR) partner • Own the analysis and documentation of security events & incidents, including investigating & escalating issues and participating in security event escalations • Maintaining existing compliance attestations and participating in risk assessment exercises • Lead vulnerability management efforts, ensuring issues are triaged, prioritized, and remediated according to defined SLA’s • Maintain and secure internal corporate endpoints (macOS and Windows) • Administer endpoint management platform for enterprise-wide monitoring and dash boarding • Participate in Agile scrum ceremonies for project and initiative tracking • Lead security awareness and training programs • Stay abreast of new and emerging security technologies and paradigms

• Manage enterprise firewalls, including Cisco Meraki, SonicWall, and Fortinet. • Monitor and respond to security alerts using XDR, RMM, and SIEM platforms. • Lead incident response, breach remediation, and root-cause analysis. • Administer Bitdefender Endpoint Protection and similar endpoint security tools. • Secure the Microsoft 365 tenant, including Defender, identity protection, and conditional access policies. • Support SOC 2 and ISO 27002 compliance activities. • Collaborate with internal teams to support telecom-specific applications and integrations. • Monitor system performance, troubleshoot issues, and provide timely resolutions to minimize downtime. • Ensure compliance with telecom industry standards, data protection regulations, and company policies. • Create and maintain documentation for system configurations, processes, and troubleshooting guides. • Perform Windows Server and Linux administration. • Manage user accounts, access permissions, and IT resources across enterprise systems. • Support and maintain virtualization platforms (VMware and Hyper-V). • Perform networking fundamentals and troubleshooting. • Provide technical support to end users, ensuring effective communication and timely resolution of IT-related concerns. • Research and recommend technology upgrades or enhancements to optimize IT operations. • Stay current with the latest IT trends and best practices relevant to the telecom sector.

• Risk & compliance tracking against government standards (e.g. CCPA, NIST, SOCII). • Tracking and remediation management of vulnerability issues and system patches. • Review and recommend additional or changes to existing AWS security-minded services. • Work with managed security service provider to triage and respond to potential security events. • Grow, as needed, the data fed to SIEM to provide visibility into potential security events. • Develop security-minded reports and dashboards for the Exec team, and for techies. • Develop and deploy security system alerting and monitoring strategy. • Systems access level inventory and auditing. • Provide as-needed security-minded operational support of our applications and platforms. • Partner with development teams on security architecture decisions. • Implement tagging and reporting strategy to measure security event risk/impact. • Gain functional knowledge of all Encoura applications. • Serve in an on-call rotation for security, or potential security-related issues.