Role Description Tangent Technologies is seeking a skilled Information Systems Security Officer (ISSO) to support a federal program. The ISSO will ensure ongoing security, compliance, and risk management of information systems. This role is critical in the development and implementation of system security documentation and procedures, which are required to obtain and maintain an Authority to Operate (ATO). In this position, the ISSO will serve as a trusted security advisor, ensuring compliance with federal standards including NIST, FISMA, FedRAMP, and the Risk Management Framework (RMF). The ISSO will also help implement effective continuous monitoring practices for assigned systems. Candidates should be proactive, detail-oriented, and possess strong communication skills for client engagement. This position is 100% REMOTE. Key Responsibilities - Security Assessment & Authorization (A&A): - Lead the preparation of ATO packages, including System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), Security Assessment Reports (SARs), and supporting documentation. - Guide systems through the ATO lifecycle and continuous authorization processes, ensuring compliance with NIST SP 800-53, FISMA, and RMF standards. - Risk Mitigation: - Conduct Security Impact Analyses (SIA) for system changes, develop mitigation strategies for identified vulnerabilities, and collaborate with system engineers to maintain secure system baselines. - Compliance Enforcement: - Perform self-assessments, risk assessments, and annual testing of Contingency Plans and Incident Response Plans. - Continuous Monitoring: - Review audit logs, analyze vulnerability scans, and evaluate system-level reports to ensure the effectiveness of security controls. - Technical Knowledge: - Demonstrate expertise in network security, cloud environments (including containers and architectures), operating systems, and security assessment tools. Qualifications - Bachelor’s degree in IT, Cybersecurity, or a related field - Minimum of 6 years of experience in ISSO or RMF roles - Direct experience developing ATO packages (SSP, POA&M, SAR) - Strong knowledge of NIST SP 800-53, FISMA, and RMF requirements - Demonstrated ability to manage multiple systems (4-6 simultaneously) Preferred Qualifications - Experience with cloud-based systems (SaaS, IaaS, PaaS) from major providers such as AWS, Azure, or GCP - Experience using Google Suite tools - Familiarity with AI tools such as Gemini, ChatGPT etc. - Familiarity with Archer or CSAM platforms - Relevant certifications (one required): CISSP, CISM, CISA, CRISC, CGRC - Experience supporting federal civilian agencies - Active Public Trust clearance Veteran Hiring Preference Tangent Technologies is a Service-Disabled Veteran-Owned Small Business (SDVOSB). Veterans and military-affiliated individuals are strongly encouraged to apply. Security Requirement Candidates must successfully complete a federal background investigation, which includes a financial suitability screening.

Our vision is to establish HUGO BOSS as the leading premium tech-driven fashion platform worldwide and to be one of the top 100 global brands. At HUGO BOSS, we work as a team to apply our knowledge, skills and experience together and create a diversity of ideas and solutions. What unites us? We love fashion, we change fashion! At HUGO BOSS, you have the opportunity to contribute your personality, ideas and creativity — because only when we break new ground together can we create something unique. Become part of our team of more than 19.000 employees worldwide and shape your future at HUGO BOSS! In this role, the Loss Prevention Associate will assist the Loss Prevention & Inventory Control Manager in managing all aspects of inventory control for US. Please note - This role will be remote based. What you can expect: Responsibilities include, but not limited to the following: - Lead loss prevention investigations (ie: fraud, internal, external) and partner with cross functional business teams to resolve open concerns• Weekly monitoring of all sites to include alarm codes, key controls, physical security, etc. - Compile and analyze shrink results to uncover trends and create action plans to combat shortage - Partner with various internal and external business partners during investigations of inventory control to prevent further losses as well as recovery of losses. - Support all retail locations daily in inquiries about loss/damage of merchandise process, law enforcement inquiries - Locate outliers/issues and communicate that to management. - Knowledge of RFID (Radio-Frequency Identification) process in retail environment. - Compile concise actionable reports for executive management team. - Ability to travel, including some overnight travel to conduct loss prevention audits in retail locations. - Some early mornings, late nights, and some weekends - Any other ad hoc tasks or special projects related to loss prevention and inventory control. - Maintain professional liaison with law enforcement to ensure appropriate coordination of investigations and/or prosecutions to solve theft or fraud cases. - Assist with development of best practices and policies for USA and Canada, in the form of addendums to the SOM, that relate to Loss Prevention Your profile: - Bachelor’s Degree or equivalent - 3-5 years work experience in field - SAP experience is desirable - Experience implementing and curating exception based reporting - Familiarity with Business Intelligence solutions is desirable - Superior MS Excel is a must - Strong planning, critical thinking, problem-solving, and organizational skills - Maintain strict confidentiality and high level integrity - Excellent verbal and written skills - Ability to communicate effectively with Business teams - Ability to handle multiple tasks and remain fluid as the landscape is everchanging - Proven track record of managing projects independently, self-motivated - Strong planning, critical thinking, problem solving and organizational skills Your benefits: HUGO BOSS offers a comprehensive benefits package which includes: - Paid Parental Leave for FT employees - 21 paid days off (pro-rated based on first year of employment) plus your Birthday off - Generous Employee Discount Program - Paid Parental Leave for FT employees - Medical, Dental, Vision Benefits with Health Saving Account (HSA) option - SHIP (Share Investment Program) - Offers eligible employees the opportunity to become a co-owner and acquire shares in HUGO BOSS AG at special SHIP conditions. - 401(K) with company match - Flex Spending Account (FSA) - Commuter Benefits (Pre-tax) - Voluntary Benefits and Critical Illness - Company sponsored Life and Disability benefits - Employee Assistance Program (EAP) - Discounts for auto/home/pet insurance The expected base salary range for this position is from $67,000 - $72,000. It is not typical for offers to be made at or near the top of the range. Salary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications obtained. Market and organizational factors are also considered - #LI-MC1 We are a global company with our employees representative of the world at large. Our inclusive culture embraces each person’s authenticity and individuality. We are committed to equal employment opportunity. And we believe our equitable work environment helps unleash your full potential and inspires you to thrive.

Role Description The Secrets Management Technical Analyst is responsible for discovering, compiling, researching, analyzing, and documenting data, requirements, workflows, controls, and business processes within Enterprise Security Product and Services. This role serves as a subject matter expert and liaison between technical and business teams, supporting cybersecurity compliance and secure credential handling practices. The analyst will support Secrets Management operations, ensuring rapid remediation of exposed credentials identified through automated scanning tools. - Discover, review, validate, and analyze alerts generated by secret scanning platforms to identify insecurely stored or exposed secrets - Support Non-Human Identity (NHI) management, including governance, lifecycle oversight, and alignment of system and service accounts with enterprise security policies - Monitor and enforce secret rotation compliance, ensuring credentials are rotated according to policy and assisting teams in meeting regulatory and internal requirements - Coordinate with application teams, business owners, system owners, and engineering partners to remediate compromised credentials and enforce secure rotation workflows - Collaborate with security engineers to validate findings, confirm ownership, and assess the impact of policy or process changes - Track findings end to end, ensuring timely resolution and accurate attribution of ownership - Assist in improving scanning accuracy and optimizing discovery and remediation pipelines in partnership with engineering teams - Serve as a liaison between IAM and business partners to ensure cohesive remediation and secure credential usage practices - Prepare and deliver metrics and dashboards related to exposed secrets, mean time to detect and remediate, repeat findings, and overall security posture trends - Maintain procedural documentation and develop automation runbooks - Perform other duties as assigned Qualifications - Bachelor’s degree in Information Technology, Cybersecurity, or a related field, or an equivalent combination of education, training, and experience - Knowledge of IT policies, security procedures, and identity governance frameworks - Understanding of foundational security concepts such as authentication, authorization, and Zero Trust - Experience with secret scanning technologies, automated discovery tools, or credential hygiene workflows - Familiarity with IAM concepts, incident response processes, and secure access management within enterprise environments - Strong analytical, problem solving, and communication skills Requirements - Experience generating security metrics, supporting risk mitigation efforts, or assembling audit evidence - Exposure to Privileged Access Management tools such as CyberArk - Ability to translate technical findings into clear, actionable business recommendations - Process improvement mindset with a focus on security, quality, and operational efficiency - Ability to serve as a trusted advisor to development, infrastructure, and business teams - Experience working in multicloud environments such as AWS, OCI, or Azure Benefits - Comprehensive Medical, Dental, and Vision Insurance - Employer-Paid Life Insurance - Employer-Paid Short-Term and Long-Term Disability Insurance - 401(k) - Paid Time Off (PTO) that includes Vacation Leave, Sick Leave, and 11 Paid Holidays - Educational Assistance

• Manage, operate, and optimize edge security solutions (WAF, CDN, Anti-DDoS, Bot Management) on market-leading platforms. • Analyze network traffic and security logs to identify, classify, and respond to incidents such as denial-of-service (DDoS) attacks, exploitation attempts, and malicious bot activity. • Create, tune, and maintain WAF rules and security policies to protect web applications and APIs against known and emerging threats while minimizing false positives. • Manage the lifecycle of digital certificates (SSL/TLS) for edge applications and services, ensuring validity, security, and proper deployment. • Serve as the technical focal point in investigations of application-related security incidents, actively participating in incident response. • Collaborate with development teams to integrate security practices early in the software development lifecycle (DevSecOps), ensuring new applications and APIs are secure by design. • Work with infrastructure and network teams to ensure security architecture aligns with business needs and industry best practices. • Develop and maintain detailed technical documentation on configurations, policies, and security procedures. • Automate operational and security analysis tasks using scripting languages (e.g., Python, Shell). • Produce security reports and metrics for leadership that demonstrate control effectiveness and application risk posture.