• Safeguards the confidentiality, integrity, and availability of our systems, data, facilities, and medical operations • Leads security governance, risk management, and compliance efforts • Oversees security operations and incident response • Partners with IT, Clinical Operations, Privacy, and Compliance to ensure regulatory requirements are met • Responsible for proactive risk reduction, rapid detection and response to threats • Works closely with engineering team and third-party security partners to define secure coding standards

- Conduct regular security assessments and penetration testing of software applications and products. - Identify and prioritize potential security vulnerabilities and develop plans for remediation. - Collaborate with development team to implement secure coding practices and ensure security best practices are followed. - Stay up to date with the latest security vulnerabilities, trends, and best practices. - Participate in security architecture design and application design reviews. - Provide training and mentorship to Developers on coding practices to remediate identified vulnerabilities. - Be an informed Security partner by presenting past experience working as a hands-on software developer. Ideally utilizing the Microsoft Development stack. - Actively participate in the deep review of pen test and vulnerability assessments both in person with clients and remotely. - As needed provide training on secured development principals in both remote and in person settings.

• Act as the primary advisor for securing AI/ML workflows, conducting threat modeling for AI product features, and defining guardrails for Large Language Model (LLM) usage • Advise and review on agentic AI usage across the R&D department • Perform security testing and source code review of application and underlying platform for both AI and non-AI systems • Help upskill the wider security and engineering teams on AI security fundamentals and common threats/vulnerabilities • Partner with compliance and legal teams on AI governance decisions and processes • Act as a security partner, building and maintaining relationships with product and engineering teams to integrate security into the development process • Embed security principles and controls to achieve a ‘secure by default’ posture • Secure modern technology stacks that include Kubernetes, Docker, AWS, and CI/CD tooling • Participate in the security engineering on-call rotation to triage and respond to urgent security alerts and incidents outside of standard business hours when necessary

• Lead by being a highly technical leader who delivers high business impact on projects of increasing dependencies and ambiguity. • Lead a team of individual contributors focused on protecting patients, employees, and Aledade as a whole. • Build a comprehensive program and processes to enable secure access to Aledade’s data, including PHI, PII etc. • Work with cross-functional stakeholders and teams to establish design and implementation guidance and standards and manage project completion for end to end data lifecycle protections.