• Serve as an acting CISO for portfolio companies when needed • Build or mature cyber programs, including strategy, roadmap, governance • Run or oversee major incidents, bringing structure and calm during chaotic situations • Assess cyber maturity, identify improvements, and develop action plans • Design and execute end to end security programs across various dimensions • Advise CEOs and boards on cyber strategy and organizational design

• Plan, prepare and perform Internal Evaluation Program (IEP), Compliance Monitoring, OSHA (Federal and State), DOT Drug and Alcohol Program, and Security Program audits IAW Aero’s Safety Management System (SMS), Company Security Manual (CSM), Ground Safety Program, Anti-Drug and Alcohol Misuse Prevention Program (ADAMP), as well as all applicable federal, state and local regulations. • Ensure company procedures comply with federal and state regulations as well as corporate policies. • Conduct in briefs & out briefs with organizational leadership. • Identify and document audit results and create reports. • Identify and document non-conformities. • Input and manage audit data via Aero’s SMS platform. • Analyze IEP Data trends to identify organizational top risks and areas for improvement. • Recommend policy and procedures changes for process improvements to safety and security leadership. • Communicate findings with all levels of organizational leadership. • Monitor and verify that audits and FAA inspection findings are corrected promptly and that corrective actions are effectively implemented in day-to-day operations. • Maintain knowledge of applicable standards, laws, and regulations, and update internal processes as regulatory requirements change. • Support regulatory compliance duties, including VDRP related follow-ups, regulatory correspondence, and special investigations as requested by safety department leadership. • Other tasks as set forth by the safety department leadership. • Travel up to 50% of the time may be required.

• Help in shaping and evolving our detection and response capabilities. • Own and enhance our use of the Stellar Cyber XDR. • Work closely with our SOC team to improve alert quality, automate investigations, and uncover new detection opportunities. • Directly influence how quickly and effectively we identify and respond to threats across our environment.

• Guide enterprise-scale logging initiatives and ensure compliance • Collaborate with IT and security stakeholders to meet logging and monitoring requirements • Implement and maintain the enterprise logging compliance platform • Enable the ability to monitor, detect, and respond to security events • Generate content, user guides, and reports for operational and compliance needs • Lead coordination of installations, updates, and maintenance of ELM and SIEM systems • Develop and maintain documentation for SIEM and ELM systems • Ensure log onboarding, reporting, and compliance requirements are met • Apply knowledge of threat detection and compliance auditing procedures • Utilize security controls automation and guidance documentation