• Observe and study SOC practices first-hand such as alert investigation and threat hunting, internalize required context, and extract patterns for automation and tooling. • Build, extend, and maintain security-focused AI agents, tools, and workflows that support alert investigation, threat hunting, and response automation across the SOC lifecycle. • Translate complex security workflows and analyst behaviors into scalable automation primitives that power autonomous SOC capabilities. • Rapidly prototype and iterate on new tooling, integrations, and platform features based on real operational feedback. • Collaborate cross-functionally with product, research, and engineering to ensure tools meet both user needs and architectural standards. • Communicate insights and trade-offs to both technical and non-technical stakeholders, helping shape product and operational direction.

• Managers support the delivery of consulting and attestation services. • As a Manager you will help understand client needs, perform gap assessments, identify and document control environments, identify design or operating effectiveness gaps, vulnerabilities, audit exceptions, develop recommendations to management, and assist management with policy DocDev and controls implementations. • Manage project resourcing, including working with Partners, Directors, Senior Managers, and other Managers on project resourcing • Lead and drive internal growth efforts by building relationships across the firm, as well as participate in sales calls. • Being the lead project manager regarding project delivery, including quality control and oversight supervision, assisting with adequate planning, execution, and direction to manage to budget and to quality • Understanding and communicating project status updates to clients and to internal stakeholders on engagement financials, client satisfaction, etc. • Identify areas to improve project delivery (process improvement) • Regarding attestation and certification services delivery, support the development of strong work papers in conformance with the firm’s methodology/standards and participation in report drafting • Maintain a strong client focus by understanding the client’s business needs while developing productive working relationships with client personnel to accomplish project objectives • Multi-task across multiple clients and compliance standards, while still maintaining appropriate attention to detail • Engage with our marketing and sales efforts to build marketing media, perform presentations, etc. • Work with (lead, teach, support, and communicate) other folks in our practice on CMMC and other standards, as well as offshore resources to deliver projects where practical and where available • Utilize your experiences to teach others in the practice on new approaches, execution strategies, compliance standards, etc.

• Building strong relationships across HR, Payroll, Benefits, and IT to ensure security aligns with business needs • Acting as a trusted advisor on Workday security best practices • Partnering with stakeholders to support secure and efficient HCM processes • Configuring and maintaining Workday security roles, groups, and domain/business process security policies • Implementing role-based, user-based, intersection, and segment-based security groups • Conducting regular audits and access reviews to ensure compliance and data integrity • Responding to operational security requests and troubleshooting access issues • Validating security configurations during Workday release cycles • Maintaining comprehensive documentation of security policies and audit logs • Ensuring security supports key HCM processes such as hiring, terminations, and benefits enrollment • Aligning security with Canadian HR and payroll compliance requirements • Providing training and guidance to HR analysts and business users • Preparing clear documentation and security guidelines • Presenting recommendations and findings to stakeholders • Facilitating workshops and training sessions on security best practices • Managing deliverables and schedules independently to ensure timely completion of security tasks and audits

• Safeguarding cloud infrastructure and applications • Driving security into the technology stack • Leading security initiatives in collaboration with teams • Integrating security controls into CI/CD pipelines • Conducting threat modeling and code reviews • Managing vulnerability discovery and remediation