• Act as a Strategic Partner for Director of Cybersecurity & IT. • Support Compliance & Business Enablement for HITRUST, SOC 2, and HIPAA. • Architect & Automate Identity Access Management (IAM). • Lead AppSec & DevSecOps initiatives. • Identify and leverage AI-driven security tools. • Collaborate on AI Governance & Security Strategy. • Handle Security Operations for defensive tools. • Lead incident response during security incidents. • Drive Policy Governance for security policies. • Lead organizational rollouts & education on security tools.

• Maintain and support company certifications • Plan and conduct internal audits • Ensure policies and procedures are compliant • Research and implement security controls • Develop and deliver security awareness training • Conduct security risk assessments

• Translate business and compliance requirements into practical, well-documented security architecture designs using recognized frameworks (e.g., ISO 27001, NIST, CIS) • Develop, document, and maintain consistent secure architectural patterns with an emphasis on cloud security (AWS, Azure, GCP) • Implement threat-informed design principles, integrating zero trust architectures and defensive depth strategies to address security gaps and enhance resilience • Maintain alignment between security policies, enterprise architecture principles, and client expectations • Conduct comprehensive risk assessments and threat modeling to evaluate existing or proposed architectures for vulnerabilities • Provide actionable mitigation strategies informed by a risk-based approach and evolving threat intelligence data • Participate in or support incident response initiatives, aiding in root cause analysis and the development of post-incident recommendations • Act as a trusted advisor to clients by engaging in technical discussions to inform strategic security decisions • Collaborate cross-functionally with development, operations, and engineering teams to validate that security controls are effectively implemented across the development lifecycle • Deliver technical insights in presentations, workshops, and reports tailored to both technical and executive audiences • Engage in audits, assessments, and reviews to ensure delivery meets strict alignment with industry frameworks • Provide clients with guidance on the implementation and enforcement of technical standards and cloud-specific security policies • Maintain up-to-date knowledge of regulations and frameworks such as NIS2 and DORA to address compliance risks and initiatives • Recommend improvements in security policies based on compliance evaluations and evolving risks • Contribute to the development of security roadmaps by delivering expert recommendations tailored to each client’s security objectives • Assess emerging technologies and threats, identifying opportunities to evolve architectural strategies through innovation and cutting-edge tools • Participate as an SME in pre-sales activities, assisting in defining technical collateral that supports project delivery

• Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations • Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks • Performs vulnerability and risk analysis and participates in a variety of computer security penetration studies • Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers • Recommends solutions to meet security requirements • Gathers and organizes technical information about an organization's mission goals and needs and makes recommendations to improve existing security posture • Provides enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves • Provides workable recommendations and advice to client executive management on system improvements, optimization, and maintenance in the following areas: Information Systems Architecture, Automation, Telecommunications, Networking, Communication Protocols, Application Software, Electronic Email, VOIP and VTC • Competent to work at the highest level of all phases of information systems auditing