Omilia operates a proprietary, end-to-end conversational AI cloud platform serving enterprise contact centres in regulated industries including banking, utilities, and telecoms. The platform is cloud-native on AWS, Kubernetes-orchestrated, multi-tenant and single-tenant, and holds government-grade certifications including FedRAMP, ISO 27001, SOC 2 Type II, PCI-DSS Level 1, HIPAA, and GDPR. The Director of Cloud Security will own the security posture of this platform end-to-end: from infrastructure hardening and threat modelling through to audit evidence production and customer- facing security assurance. Key Responsibilities Cloud Security Ownership • Define and execute Omilia’s cloud security strategy across all deployment models: multi-tenant SaaS, exclusive tenant, private cloud, and hybrid. • Own the AWS security architecture including IAM, VPC design, GuardDuty, Security Hub, CloudTrail, KMS key management, and secrets management. • Lead infrastructure hardening programmes using golden image pipelines, CIS Benchmarks, and automated compliance scanning. • Ensure network segmentation, tenant data isolation, and zero-trust principles are implemented and maintained across all environments. Compliance & Certification Leadership • Own the annual renewal and continuous readiness of FedRAMP, SOC 2 Type II, ISO 27001, PCI-DSS Level 1, HIPAA, and GDPR across the cloud platform. • Drive the EU AI Act compliance programme as it applies to high-risk AI system classifications relevant to Omilia’s deployments in regulated sectors. • Produce and maintain the security control evidence pack used in enterprise customer due diligence, RFP responses, and regulatory audits. • Act as primary technical liaison with external auditors, QSAs, and penetration testing firms. AI & Data Security • Define data security controls for voice data processing pipelines, including real-time PCI redaction, voice biometric data storage, and training data anonymisation. • Assess security implications of LLM and generative AI integrations (Pathfinder, miniApps, RAG pipelines) and establish guardrails for model input/output security. • Own the subprocessor security assessment programme and ensure DPA/Security Exhibit obligations are met across the third-party supply chain. Security Engineering & Operations • Lead vulnerability management: SAST/DAST integration in CI/CD, container image scanning, CVE triage, patch SLAs. • Own incident response for cloud-tier events: detection, containment, eradication, recovery, and post-incident review. • Define and operate security monitoring and SIEM coverage for the OCP platform, ensuring audit logs are immutable, queryable, and exportable. • Collaborate with engineering on secure SDLC practices, threat modelling for new features, and security review gates in the release process. Stakeholder Engagement • Support Sales and Customer Success in enterprise security questionnaires, customer security reviews, and contract security exhibit negotiations. • Represent cloud security posture to the CISO, CTO, and executive team; translate technical risk into business impact language. • Engage with CCaaS platform partners (NICE, Five9, Genesys, RingCentral) on integration security requirements and shared responsibility boundaries.

Job Title: RIT Co-op: Information Security - Identity Access Management Department: Information Security - Identity Access Management Location: Remote SUMMARY: As a participant in the RIT paid Co-Op you will gain exposure and experience in the healthcare field, covering a multitude of areas within Information Security & Identity Access Management. RESPONSIBILITIES: - Provides work experience directly related to student’s course of study and career interests. - Student is given specific responsibilities related to the field of study and department in which he/she is a co-op. - Allows student to learn through active engagement and meaningful activities. - Performs other duties as assigned. REQUIRED QUALIFICATIONS: - Student of RIT. - Background in the field of study which coincides with the department utilizing the co-op. PREFERRED QUALIFICATIONS: - Dependent upon the department utilizing the co-op, specific skills or qualifications may be preferred EDUCATION: LICENSES / CERTIFICATIONS: PHYSICAL REQUIREMENTS: S - Sedentary Work - Exerting up to 10 pounds of force occasionally Sedentary work involves sitting most of the time, but may involve walking or standing for brief periods of time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met. For disease specific care programs refer to the program specific requirements of the department for further specifications on experience and educational expectations, including continuing education requirements. Any physical requirements reported by a prospective employee and/or employee’s physician or delegate will be considered for accommodations. PAY RANGE: $20.00 - $20.00 CITY: Rochester POSTAL CODE: 14617 The listed base pay range is a good faith representation of current potential base pay for a successful full time applicant. It may be modified in the future and eligible for additional pay components. Pay is determined by factors including experience, relevant qualifications, specialty, internal equity, location, and contracts. Rochester Regional Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex (including pregnancy, childbirth, and related medical conditions), sexual orientation, gender identity or expression, national origin, age, disability, predisposing genetic characteristics, marital or familial status, military or veteran status, citizenship or immigration status, or any other characteristic protected by federal, state, or local law.

• Design and implement security and defense-in-depth controls to prevent and limit vulnerabilities. • Conduct advanced security research on Solana and other Rust-based smart contract platforms. • Work closely with core contributors to perform in-depth internal security audits. • Work with external security audits in collaboration with top-tier third-party firms. • Effectively communicate security risks and solutions to both technical and non-technical stakeholders. • Uphold the highest standards of integrity, trust, and professionalism in all security practices.

• Design and implement secure cloud architecture patterns • Establish guardrails for AWS accounts and services • Strengthen multi-account strategy and segmentation • Improve IAM design, permission boundaries, and least-privilege models • Review major infrastructure changes for security impact • Implement and tune cloud-native detection capabilities • Integrate AWS security services into centralized monitoring • Identify misconfigurations and excessive permissions • Improve signal-to-noise ratio in cloud alerts • Embed security controls into Terraform or other IaC workflows • Enforce policy-as-code guardrails • Ensure IaC scanning is integrated into CI/CD pipelines • Reduce configuration drift across environments • Oversee cloud misconfiguration detection and remediation • Track infrastructure vulnerability exposure • Reduce critical vulnerability exposure window • Partner with Platform teams to automate remediation • Ensure proper encryption standards across storage and databases • Manage KMS usage and key lifecycle best practices • Strengthen logging and monitoring coverage • Lead cloud-focused investigations during security incidents • Improve forensic readiness in AWS • Harden logging and evidence retention practices • Automate guardrails and enforcement mechanisms • Improve developer experience with secure cloud defaults • Reduce manual cloud security reviews • Optimizing tooling cost and effectiveness • Define KPIs for cloud security posture • Report on misconfiguration trends and exposure windows • Provide executive-level reporting on infrastructure risk • Support audit and compliance evidence collection