• Lead and mature Akoya’s cybersecurity, risk management, and IT governance functions • Serve as the operational backbone of Akoya’s security and risk programs • Translate strategy into execution and lead a team across security engineering, cyber operations, risk, compliance, and IT • Mature and execute Akoya’s enterprise risk management (ERM) framework • Develop and track key risk indicators (KRIs) aligned with business OKRs • Lead third-party risk management across fintech partners, vendors, and service providers • Conduct product risk assessments across new open finance capabilities • Support regulatory readiness related to CFPB Section 1033 • Lead day-to-day execution of Akoya’s cybersecurity program • Drive continuous improvement of zero-trust cloud architectures (AWS-centric) • Enhance monitoring, automation, and threat intelligence capabilities • Own operational execution of SOC 2 Type II and other certifications • Ensure alignment with NIST, ISO 27001/27002, GLBA, SOX, PCI • Partner closely with Legal and Product on regulatory interpretation and implementation • Respond to due diligence inquiries from financial institutions, fintechs, investors, and regulators • Oversee corporate IT governance in partnership with IT Systems Administrator • Lead and mentor security engineers, risk analysts, and IT personnel

• Partner with Product Management to define, validate, and shape security-related capabilities and use cases. • Design and evangelize customer workflows to realize the value of security features. • Build and maintain lab environments to support demos, technical validation, and security use-case exploration. • Develop high-quality technical collateral for internal audiences, including training materials, demo guides, and sales enablement content. • Collaborate with Marketing to create external-facing assets such as whitepapers, solution briefs, blogs, presentations, and videos. • Enable Sales and Solutions teams with security-focused demos, messaging, and technical training. • Represent Forward Networks at customer meetings, webinars, and industry events, including security conferences and trade shows. • Contribute thought leadership on network security trends and Forward’s role in modern security architectures. • Gather field and market feedback to influence product roadmap and security positioning.

About the Role Crane Company is seeking a hands-on Principal Security Engineer to help architect the next generation of our enterprise security capabilities and help transform the security of our technology environments. This is a rare opportunity to influence security at scale by building secure-by-design patterns, modernizing the global security technology stack, and partnering deeply with IT and cybersecurity teams across cloud, network, infrastructure, and application domains. This role is ideal for those who gets energized solutions to complex problems, rationalizing tools, establishing patterns and guardrails, and elevating the security posture across diverse businesses and platforms with an eye on building for the future. If you enjoy creating clarity in complex technical environments, shaping enterprise-wide engineering standards, and delivering high-impact, measurable improvements to security capabilities this is your role. On-site candidates preferred, but remote candidates will also be considered. Core Function As a Principal Security Engineer, you will serve as a technical authority for secure architecture, platform security, and enterprise security engineering. You will drive the design, integration, and evolution of core security capabilities, ensuring scalable, consistent, and effective controls across Crane Company’s global operating environment, and focused on streamlining M&A processes for secured integrations of technology stacks. This role focuses on building, integrating, and optimizing the underlying technologies that secure our cloud platforms, networks, endpoints, and infrastructure. You will evaluate existing controls, rationalize overlapping solutions, and lead the implementation of modern, centralized security capabilities. Your work will directly influence strategic security investments and architectural decisions, and you will have a strong line to the CISO to drive secure design patterns and enterprise security maturity. Key Responsibilities: Secure Architecture & Engineering (Primary Focus) - Design, implement, and evolve secure-by-design architectures for cloud, network, identity, endpoint, and infrastructure platforms. - Partner closely with IT and engineering teams to embed security controls, guardrails, and patterns early in solution design. - Lead consolidation and rationalization of the security technology stack, identifying redundancies and driving integration and modernization. - Define and maintain security reference architectures, secure configuration baselines, and architectural patterns across platforms in current state, through M&A and supporting business growth. - Evaluate emerging technologies to strengthen enterprise security capabilities while simplifying and centralizing the environment. - Drive enterprise-wide adoption of zero trust principles, identity-centric controls, and strong segmentation practices. - Build scalable automation for security services, control enforcement, and platform provisioning. Security Technology Integration & Centralization - Integrate disparate tools and telemetry sources into centralized, unified platforms. - Streamline data flows across cloud, on-prem, and hybrid environments to support advanced monitoring and analytics. - Engineer interoperability between core security capabilities - Develop API-driven automation and orchestration to reduce manual effort and ensure consistent enforcement of controls. - Lead technical roadmaps for critical security platforms, ensuring alignment across IT and security stakeholders. Collaboration & Leadership - Act as a trusted advisor to IT, cloud, network, and infrastructure teams for secure design and control implementation. - Provide senior engineering guidance during major digital transformation initiatives, cloud migrations, and infrastructure modernization projects. - Partner with security leadership to shape enterprise security strategy and long-term program development. - Communicate complex technical concepts to both technical and executive audiences, influencing architectural decisions. Support for Security Operations - Provide expert engineering support to improve detection, prevention, and resilience capabilities. - Assist in defining technical requirements for detection content, logging, and security telemetry (architecture-level input, not SOC operations). - Inform security operations teams of architectural gaps and recommended improvements. Qualifications & Competencies: Required - 10+ years in security engineering, secure architecture, or platform security roles. - Deep expertise designing, integrating, and securing enterprise-scale systems across cloud, network, identity, and endpoint domains. - Proven experience building or modernizing large-scale security capabilities and consolidating complex toolsets. - Strong background in security standards, architectural patterns, and modern control frameworks (Zero Trust, CIS, NIST, MITRE ATT&CK). - Hands-on engineering experience with automation, scripting, and API integrations (Python, PowerShell, REST APIs). - Strong understanding of cloud-native security (Azure, AWS, OCI), hybrid environments, and infrastructure-as-code. - Excellent communication skills, able to influence senior technical and business stakeholders. Preferred - Experience driving secure design reviews and threat modeling practices. - Expertise with identity services (AAD/Entra, SSO, MFA, PAM, secrets management). - Knowledge of modern security service architecture (EDR/XDR, SIEM, SOAR, vulnerability management, Cloud, sec/ops - Professional certifications (e.g., CISSP, CCSP, GIAC Cloud, GDSA, GCSA). This description has been designed to indicate the general nature and level of work being performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job. Crane Company. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, color, religion, gender, sexual orientation, general identity, national origin, disability or veteran status.

• Develop and maintain a pragmatic cybersecurity strategy and roadmap aligned to business objectives. • Define security policies, standards, and procedures appropriate for a fast-growing SMB environment. • Establish cybersecurity governance, risk appetite, and reporting mechanisms. • Present cyber risk updates to executive leadership and private equity (PE) stakeholders in plain business terms. • Identify, assess, and prioritize cyber risks using a risk-based approach. • Oversee vulnerability management, penetration testing, and remediation efforts. • Lead compliance initiatives, such as SOC 2, ISO 27001, NIST, CMMC, HIPAA, PCI-DSS. • Ensure third-party and vendor risk management processes are in place. • Own the incident response plan, tabletop exercises, and breach readiness. • Lead response to security incidents, ransomware events, or data breaches. • Coordinate with legal, insurance, forensics, and external advisors as needed. • Oversee backup, disaster recovery, and business continuity planning. • Oversee core security tooling (IAM, endpoint security, SIEM/MDR, email security, cloud security). • Ensure secure configuration of cloud, SaaS, and on-prem environments. • Partner closely with IT and operations teams to embed security into operations. • Make cost-effective build vs. buy decisions. • Support cybersecurity due diligence for acquisitions. • Assess security posture of acquisition targets and provide risk summaries. • Align security maturity with PE exit strategy (strategic buyer or IPO readiness). • Build a security-aware culture through training and phishing simulations.