• Monitor, interpret, and implement applicable global regulations, ensuring company-wide compliance. • Develop, maintain, and enforce compliance policies, procedures, and internal controls. • Conduct regular compliance risk assessments, identify gaps, and implement mitigation strategies. • Provide compliance guidance to internal teams on new initiatives, product changes, and partnerships. • Act as a key point of contact for regulators, auditors, and external advisors as needed. • Design and deliver compliance training to ensure employees understand their obligations. • Oversee the handling, investigation, and reporting of compliance incidents, breaches, or regulatory concerns.

• Receive, triage, and analyze compliance-related requests, documentation, and assessment findings, and work to resolve issues through research, evidence collection, and stakeholder coordination. • Support the development and maintenance of System Security Plans (SSPs), POA&Ms, policy sets, procedures, and control documentation across client environments. • Review client technical configurations (e.g., access controls, logging, encryption, segmentation, backup strategies) against NIST/CMMC compliance objectives and document gaps or remediation actions. • Communicate with clients through email, chat, meetings, and interviews to gather evidence, clarify processes, and maintain progress visibility on compliance deliverables. • Assist in the management, implementation, and validation of compliance controls across CMMC, NIST 800-171, and/or DFARS 7012. • Contribute to internal compliance documentation templates, client-facing guidance materials, and evidence repositories that streamline audit readiness. • Support the creation of compliance reports, risk assessments, briefs, and executive presentations that translate findings into clear business narrative.

• Lead CE conformity assessments for machinery and robotic systems in accordance with EU regulations • Interpret and apply relevant directives and regulations, including but not limited to: Machinery Directive / Machinery Regulation (2006/42/EC / EU 2023/1230), Low Voltage Directive (LVD), EMC Directive, Radio Equipment Directive (RED), where applicable • Perform and review risk assessments in accordance with ISO 12100 • Ensure compliance with relevant harmonized standards (e.g., EN ISO 13849, EN IEC 62061, EN 60204-1, ISO 10218) • Support the creation and maintenance of Technical Files, including: Risk assessments, Schematics and drawings, Test reports, Declarations of Conformity, User manuals and safety instructions • Coordinate and support testing activities (EMC, electrical safety) • Interface with Notified Bodies, test laboratories, and regulatory authorities as required • Provide compliance guidance during product design reviews and change management • Monitor regulatory updates and assess impact on existing and future products • Support internal audits and continuous improvement of compliance processes

• Define and execute Tines' multi-year GRC strategy aligned with business objectives and market expansion goals • Own the compliance roadmap, prioritizing certifications and frameworks based on customer needs and revenue impact (FedRAMP, ISO 27001, SOC 2, GDPR, CCPA, etc.) • Serve as executive sponsor for all compliance programs, providing visibility and reporting to C-suite and Board of Directors • Build business cases for compliance investments, demonstrating ROI and competitive advantage • Monitor evolving compliance landscape, anticipating regulatory changes and translating requirements into actionable programs • Lead, mentor, and grow a team of GRC professionals, establishing career development paths and performance metrics • Drive Tines' FedRAMP authorization to successful completion, overseeing gap remediation, documentation, and 3PAO engagement • Maintain and optimize SOC 2 Type II compliance, ensuring efficient audit cycles and continuous control effectiveness • Own the information security policy framework, ensuring alignment with regulatory requirements and business needs • Own the customer security assurance experience, including questionnaire responses, audit coordination, and Trust Center management.