• Lead application security assessments, including scoping and managing penetration testing, threat modeling, and secure design reviews for high-impact systems. • Identify, validate, and prioritize complex security vulnerabilities across web applications, APIs, and cloud-native services. • Partner with software engineers to embed secure-by-default patterns into application architectures and development workflows. • Influence the security of primarily AWS-based systems, with exposure to GCP and Azure, focusing on identity, networking, data protection, and service integrations. • Drive AI security initiatives by establishing guardrails, patterns, and review practices, and assess AI-specific risks such as data exposure, misuse, and unintended behaviors in AI- and LLM-powered systems. • Develop and promote scalable application and AI security standards, guardrails, and best practices. • Mentor and coach security engineers, raising the technical bar and fostering a culture of security across the team. • Serve as a technical owner for application and AI security tooling, responsible for configuration, integration, and ongoing improvement in partnership with engineering and platform teams.

• Ensure Entrusts Public Key Infrastructure Certificate Authority (PKI CA) products meet applicable compliance frameworks, customer contractual requirements, and emerging standards across multiple communities of trust. • Provide support as needed to ensure that other DSS products remain in compliance with the applicable frameworks, regulatory requirements and customer contractual requirements for each. • Escalate compliance issues that arise in production service environments to the Entrust Policy Management Authority (EPMA) while maintaining on-going ownership of the issues and supporting PA/EPMA direction through issue resolution. • Facilitate external auditor engagements, organize required compliance evidence, schedule required resources, submit required reports, and manage audit timelines. • Closely monitor and advise product and development teams on regulatory priorities and emerging PKI use cases from multiple communities of trust (e.g., financial services, healthcare, government). • Feedback and monitor requirements and/or requirements change for each community of trust to the internal teams, ensuring alignment with Entrust’s compliance strategy. • Represent Entrust and take the lead on standards body engagement, as directed. • Make recommendations and follow-up to mitigate compliance risks and drive continuous improvement. • Oversee and drive the end-to-end operational security compliance and audit programs for WTCA and other applicable frameworks. • Review and make recommendations on operational procedures to ensure they efficiently and effectively comply with all relevant requirements. • Contribute applicable metrics to product compliance scorecards. • Facilitate timely identification, communication, and recommended resolution of compliance risks. • Serve as the internal and customer-facing subject matter expert on compliance frameworks (including WTCA and others). • Advise customers and internal stakeholders on best practices, compliance, and audit processes across multiple standards. • Proactively understand control best practices across WTCA and other frameworks and advocate for adoption of these internally at Entrust. • Assist with other audits and compliance activities relating to DSS product compliance, as requested. • Manage project document repository; maintain strict deadlines and positive vendor/customer relationships. • Gather feedback from customers, partners and other relevant external entities and provide that to the Product Managers for consideration as possible future service enhancements.

• Responsible for the application security function and for information technology security (Cybersecurity/InfoSec) engineering and design • Solve significant problems complicated by interfaces and inter-relationships between programs, systems, functions, applications • Manage and administer a wide range of security systems and tools • Develop security metrics and manage reporting and compliance • Support operational implementation of FISMA/NIST standards and industry best practices • Manage IT Security awareness training program in coordination with the Learning Management team

• Lead fee development in the Professional Services Agreement (PSA), proposal, and interview coordination with marketing • Lead fee negotiations with client • Foster client relationships and fellow design team members • Ask clients about other current or upcoming projects • Follow up on open pursuits • Develop additional business with client • Attend client and/or industry events • Attend client meetings with senior technical staff members and prepare meeting notes documenting relevant decisions and discussions • Conduct client meetings and programming sessions to develop the system (telecom, security, network, audiovisual, and acoustics) parameters and design criteria • Prepare and/or delegate mark-ups for Revit models and AutoCAD drawings • Research technical product information • Conduct and/or delegate job site inspections to determine existing conditions and extent of progress made by contractors • Design, coordinate, and engineer systems per discipline (telecom, security, network, audiovisual, acoustics, Wi-Fi, etc.) • Track decisions, budgets, and schedule for mid to large-size projects • Prepare drawings, specifications, contract documents, and design calculations • Conduct and/or delegate design team coordination (architects, engineers, TEECOM team) • Manage client interface between technology and facilities staff and the architects, integrators, and contractors • Conduct and/or delegate the programming, design, construction, and closeout phases of each assigned project • Perform and /or delegate job site inspections to determine existing conditions and extent of progress made by contractors • Prepare and/or delegate schedules and identify tasks required to complete each phase of the project • Provide support to the team, develop tools, improve processes, and share technical knowledge • Attend and contribute to internal team, discipline, and project meetings • Conduct and/or delegate configuration and commissioning of systems to ensure 100% functionality is delivered • Prepare and/or delegate opinions of probable construction cost (OPCC) for systems as required • Perform special projects assigned by leadership related to overall management of the firm • Provide periodic updates to leadership on project status, schedule issues, and financial performance • Perform other work-related duties as assigned • Ensure timesheets/expense reports are accurate and up-to-date daily • Achieve billed revenue target each quarter • Identify, prepare, and secure authorization for Additional Services Agreements (ASA) when scope of the project deviates from the Professional Services Agreement (PSA) • Meet project budgets and positively contribute to profitability • Ensure that all client and design team due dates, submission dates, and completion dates are met