The Ewing Internship Experience Video Develop the skills and experience you need to succeed in the workplace while making the world a little greener at Ewing, the largest family-owned supplier of landscape and irrigation products in the U.S. During an internship at Ewing, you can expect to grow your skills, knowledge, and experience in wholesale distribution by working in several different job functions in our rotational program. You will gain operations experience working alongside our Branch Service Professionals learning counter sales, shipping, and receiving. Shadowing and performing the duties of a Branch Manager exposes interns to strategic planning and operations of running a branch. Interns will gain sales experience working alongside some of our Account Managers performing sales calls and activities to grow the business. Lastly, interns are exposed to high-level leadership through the mentoring from Regional and Divisional Managers allowing exposure to the strategic development of the business and our employees. All interns will be given the opportunity to work on a Capstone Project, where interns use their knowledge, skills, and interests to develop process improvement strategies for Ewing! Examples of projects include but not limited to… - Customer churn outreach - Conducting employee “stay” interviews - Social media outreach - Customer satisfaction exploration - Learning & Development activity effectiveness - And more! At the completion of the project, you will get the opportunity to present your findings and show off your hard work to a group of company executives. A great experience throughout!

• Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process; track and manage high volume of DDQ and RFP requests. Coordinate and collaborate with internal teams to meet tight deadlines. Handle a high volume of requests and interactions in a fast-paced environment • Support enterprise sales with technical customer security discussions • Lead SOC 2 Type II audit preparation, evidence collection, and remediation • Conduct third party vendor security assessments, collaborate on third party risk management processes • Implement and manage third party tool and new processes to create efficiencies • Develop the security narrative and conduct security reviews for new product functionality to enable GTM • Review and negotiate security and compliance language in customer contracts in collaboration with Legal team • Build and manage Trust Center integrations and public-facing security documentation in collaboration with Legal team • Build customer-facing compliance artifacts (security whitepapers, certifications)

• Performs a variety of routine project tasks applied to specialized information assurance problems. • Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements. • Analyzes information security requirements. • Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. • Provides security engineering support for planning, design, development, testing, demonstration, and integration of information systems.

• Build Security into Development: Work alongside engineering teams to integrate security throughout the SDLC; from design reviews and threat modeling to secure coding practices. Conduct security assessments of applications, APIs, and cloud infrastructure. Guide developers on secure authentication, authorization, cryptography, and data protection. Champion security best practices while maintaining developer velocity and trust. • Implement Security Tooling & Automation: Deploy and manage application security tools including SAST, DAST, SCA, and container scanning. Build automation for security testing in CI/CD pipelines. Implement and improve secrets management solutions. Create dashboards and metrics to track security posture. • Drive Security Initiatives: Lead application vulnerability management programs including triage, prioritization, and driving remediation. Support security compliance efforts (SOC 2, ISO 27001, or similar frameworks). Contribute to incident response and security event investigation. Develop security training and documentation for engineering teams. • Collaborate Across Teams: Partner with infrastructure and DevOps teams on cloud security controls. Perform risk assessments for new features, technologies, and third-party integrations. Participate in architecture reviews and provide security guidance.