• Develop a comprehensive DLP concept tailored to the company’s specific risks and requirements • Collaborate with business units to identify sensitive data and define appropriate protection measures • Technical implementation: install, configure, and integrate the DLP solution into the existing IT infrastructure • Operate and monitor the solution in day-to-day operations, including incident analysis • Maintain and optimize rule sets and continuously improve detection mechanisms • Advance the DLP strategy to proactively address emerging threats • Support awareness initiatives and provide training for employees • Conduct regular audits and prepare reports on the effectiveness of the program

Role Description Arcarithm is seeking a highly technical and detail-oriented Cybersecurity & Secure Systems Engineer to lead our application security testing and maintain the integrity of our restricted computing environments. This role is responsible for the end-to-end management of vulnerability scanning (SAST/DAST), the automation of security gates within our CI/CD pipelines using SonarQube, and the physical and technical upkeep of closed-area systems. The ideal candidate thrives in a secure, project-driven environment and ensures our software development lifecycle meets rigorous federal and defense-grade compliance standards. Please note security clearance on resume. Key Responsibilities - Application Security & DevSecOps Duties - Perform regular SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) scans to identify, triaging, and remediating software vulnerabilities. - Lead the integration and configuration of SonarQube into existing CI/CD pipelines to automate code quality checks and security gating. - Collaborate directly with software engineering teams to interpret scan results, provide remediation guidance, and ensure secure coding practices. - Monitor and report on security metrics, trends, and the overall health of the software security posture. - Stay current on the latest exploits, security trends, and automated testing tools to continuously improve Arcarithm’s defensive capabilities. - Secure Facilities & Systems Duties - Maintain and manage closed area computer systems, ensuring hardware, software, and networking configurations remain compliant with restricted environment protocols. - Execute routine system maintenance, patching, and troubleshooting within air-gapped or classified workspaces. - Ensure all closed-area assets are properly documented, tracked, and ready for government or internal audits. - Coordinate with facility security officers (FSOs) to ensure technical controls align with physical security requirements for high-security areas. - Develop and maintain standard operating procedures (SOPs) for the use and maintenance of secure computing resources. Qualifications - 3+ years of hands-on experience in Cybersecurity, Application Security, or Systems Administration within a secure or defense-related environment. - Technical Proficiency: Proven experience running and managing SAST/DAST tools and integrating SonarQube into automated pipelines. - Secure Environments: Experience maintaining "Closed Area," SCIF, or air-gapped workstations and servers. - Clearance: Secret DOD Clearance- with ability to obtain Top Secret. - Education: Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field (or equivalent professional experience). - Attention to Detail: Exceptional organizational skills with the ability to manage complex security documentation and audit-ready records. Preferred Skills - Compliance Frameworks: Strong working knowledge of CMMC (Cybersecurity Maturity Model Certification) and CMMI (Capability Maturity Model Integration) processes. - Certifications: CompTIA Security+, CISSP, CEH, or similar industry-recognized credentials. - Government Contracting: Familiarity with NIST SP 800-171, FAR/DFARS, and DC. Benefits - Comprehensive health insurance options. - A generous 401K plan. - Competitive salaries. - Continuous career growth opportunities. - Flexible schedules including remote work. - Mentoring and performance incentives.

• Build and maintain strong relationships with AWS account teams, technical teams, and partner contacts to drive co-sell and joint GTM opportunities. • Enable AWS teams to prospect and sell with Upwind, representing our solutions effectively to their customers. • Train and support Upwind’s sales organization on working with AWS for co-sell, marketplace, and partner programs. • Track and report on co-sell activity, joint pipeline, and partner-influenced deals, providing actionable insights to leadership. • Collaborate with internal sales, marketing, and solutions engineering teams to execute joint campaigns, co-branded programs, and GTM initiatives. • Support AWS Marketplace activities, including private offers, deal registration, and partner funding programs. • Manage a large number of contacts and programs, ensuring organized and timely.

• Improve Socket's security posture across the board. Own application security, cloud infrastructure hardening, operational security, and IT security. Write code and build tooling that makes the secure path the default path for engineers. Roll out identity and access controls, close gaps across the stack, and continuously reduce risk. • Assess, prioritize, and drive the security roadmap. Figure out what matters most, balance quick wins with longer-term improvements, and execute across many fronts in parallel. You won't wait to be told what to work on. You'll develop a clear picture of where Socket's risks are and make steady progress against them. • Run incident response and external security operations. Build and run a 24/7 security incident response process. Own the security@ inbox, triage inbound vulnerability reports, manage pentests, and coordinate fixes. When you can fix something directly, you do. • Maintain compliance and drive new certifications. Maintain our existing SOC 2 compliance. Drive new certifications (ISO 27001, etc.) as needed for enterprise customers. • Raise security awareness and culture across the org. Train engineers to write more secure code. Run phishing simulations. Build trust with engineering teams so that security feels like an enabler, not a blocker. Make people want to do the right thing rather than resenting security as a tax.