• Responsible for the application security function and for information technology security (Cybersecurity/InfoSec) engineering and design • Solve significant problems complicated by interfaces and inter-relationships between programs, systems, functions, applications • Manage and administer a wide range of security systems and tools • Develop security metrics and manage reporting and compliance • Support operational implementation of FISMA/NIST standards and industry best practices • Manage IT Security awareness training program in coordination with the Learning Management team

• Lead fee development in the Professional Services Agreement (PSA), proposal, and interview coordination with marketing • Lead fee negotiations with client • Foster client relationships and fellow design team members • Ask clients about other current or upcoming projects • Follow up on open pursuits • Develop additional business with client • Attend client and/or industry events • Attend client meetings with senior technical staff members and prepare meeting notes documenting relevant decisions and discussions • Conduct client meetings and programming sessions to develop the system (telecom, security, network, audiovisual, and acoustics) parameters and design criteria • Prepare and/or delegate mark-ups for Revit models and AutoCAD drawings • Research technical product information • Conduct and/or delegate job site inspections to determine existing conditions and extent of progress made by contractors • Design, coordinate, and engineer systems per discipline (telecom, security, network, audiovisual, acoustics, Wi-Fi, etc.) • Track decisions, budgets, and schedule for mid to large-size projects • Prepare drawings, specifications, contract documents, and design calculations • Conduct and/or delegate design team coordination (architects, engineers, TEECOM team) • Manage client interface between technology and facilities staff and the architects, integrators, and contractors • Conduct and/or delegate the programming, design, construction, and closeout phases of each assigned project • Perform and /or delegate job site inspections to determine existing conditions and extent of progress made by contractors • Prepare and/or delegate schedules and identify tasks required to complete each phase of the project • Provide support to the team, develop tools, improve processes, and share technical knowledge • Attend and contribute to internal team, discipline, and project meetings • Conduct and/or delegate configuration and commissioning of systems to ensure 100% functionality is delivered • Prepare and/or delegate opinions of probable construction cost (OPCC) for systems as required • Perform special projects assigned by leadership related to overall management of the firm • Provide periodic updates to leadership on project status, schedule issues, and financial performance • Perform other work-related duties as assigned • Ensure timesheets/expense reports are accurate and up-to-date daily • Achieve billed revenue target each quarter • Identify, prepare, and secure authorization for Additional Services Agreements (ASA) when scope of the project deviates from the Professional Services Agreement (PSA) • Meet project budgets and positively contribute to profitability • Ensure that all client and design team due dates, submission dates, and completion dates are met

• Oversee the entire product lifecycle, from roadmap development to go-to-market strategy, ensuring all deliverables meet high standards of quality and impact. • Apply your deep understanding of cybersecurity to design practical use cases that address key risks such as data retention and sensitive information accumulation. • Engage directly with customers to understand their security challenges, refine use cases, and ensure the platform meets their specific needs. • Collaborate with cross-functional teams to integrate use cases into Qostodian, ensuring they provide actionable insights and tangible risk reduction. • Utilize tools like ChatGPT to streamline the creation of detailed product requirements, reducing time spent on brainstorming and documentation while maintaining high accuracy. • Create user guides, release notes, and technical specifications while ensuring robust QA processes for reliable product performance. • Work closely with engineering, marketing, and sales teams to ensure the successful deployment of product features and their adoption by customers. • Define and monitor KPIs related to risk reduction and feature impact, using these insights to guide product iterations and improvements.

• Develop an information security vision and strategy that is aligned to organizational priorities. • Participate in strategic and operational governance processes. • Manage the information security management system. • Lead strategic information security planning to achieve business goals by prioritizing initiatives and coordinating the evaluation, deployment, and management of current and future technologies using a risk-based assessment methodology. • Provide regular reporting on the current status of the information security program to a variety of audiences including senior management. • Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices and regulatory requirements. • Manage the budget for the information security function, monitoring and reporting discrepancies. • Manage the information security organization, including hiring, development, retention and performance management. • Define and communicate plans, procedures, policies, and standards for the organization for acquiring, implementing, and operating new security systems, equipment, software, and other technologies. • Participate in feasibility studies and conduct risk assessments for software and systems under consideration for purchase and make recommendations. • Ensure that any new software and integration into company systems meet security requirements. • Act as advocate and primary liaison for the company’s information security vision via regular communications with the senior leadership, department heads, and employees. • Create a risk-based process for the assessment and mitigation of any information security risk in the ecosystem consisting of supply chain partners, vendors, consumers and any other third parties. • Work closely with the technology and product departments on corporate technology development to fully secure information, computer, network, and processing systems. • Develop, track, and control the security services annual operating and capital budgets for purchasing, staffing, and operations. • Recommend and implement changes in security policies and practices in accordance with changes in local or federal law. • Manage and contain information security incidents and events to protect corporate IT assets, intellectual property, regulated data and the company’s reputation. • Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action. • Develop and oversee effective disaster recovery policies and standards to align with the enterprise business continuity management program goals. • Coordinates the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security event; provides direction, support and in-house consulting in these areas. • Facilitate and support the development of asset inventories. • Promote and oversee strategic security relationships between internal resources and external entities, including vendors, and partner organizations. • Remain informed on trends and issues in cybersecurity, including current and emerging technologies and threats. Advise, counsel, and educate executive and management teams on their relative importance and organizational impact.