• Cultivate and maintain strong relationships with business stakeholders. • Conduct threat intelligence for potential incoming target acquisition companies. • Lead security and privacy due diligence process for target acquisitions, including technical architecture reviews, penetration tests, vulnerability assessments, security and privacy evaluations, risk identification and risk prioritization. • Develop the security strategy for each incoming M&A; documenting key details about the target acquisition, technology stack, current security and privacy posture, third-party due diligence results, etc. ahead of deal close to ensure that all members across SPA teams and relevant stakeholders are up-to-speed and understand the acquisition’s security posture. • Partner closely with our corporate IT M&A counterparts throughout the acquisition due diligence process. • Partner with the the M&A Security TPM to hand off active onboarding integration activities to ensure a smooth transition for the target acquisition personnel. • Manage long term security and privacy risk management for the subsidiary after active onboarding completes, where applicable; ensuring that critical and high risk security risks are prioritized and mitigated/resolved. • Evaluate risks within the acquisition, advise the business on prioritization, and recommend treatment strategies. • Develop metrics and reporting in partnership with the M&A Security TPM to communicate security and privacy M&A to SPA and other key stakeholders. • Serve as the subject matter expert for the target on security, privacy, risk, and compliance.

• Deliver proactive, secure-by-default protections across the stack (cloud, CI/CD, applications, and endpoints) by creating paved roads and guardrails that reduce risk at scale and become the default way to build • Provide practical security guidance on new products and technologies, emphasizing secure-by-default patterns that fit seamlessly into existing workflows • Lead design reviews and threat modeling for high-impact features and services; identify risks early and ensure mitigations are designed in • Build and scale security tooling that prevents issues at build/deploy time and automates detection and response in production • Evolve our detection and incident response capabilities — improve signal quality, tune detections, and implement automated responders to reduce manual toil and time to contain • Partner across business functions to strengthen company-wide security: endpoint and device trust, identity and email protections, security awareness and training, vendor reviews and risk assessments, and support for compliance (e.g., PCI/SOX) • Protect SeatGeek from abuse and bots at the edge and app layers through layered defenses and tuning • Lead and participate in notable security incidents and tabletops; improve runbooks, processes, and stakeholder communications after each event • Mentor engineers, uplevel secure coding practices, and contribute to a positive, pragmatic security culture across the company

• Protect sensitive data and critical assets from current and emerging threats • Collaborate and pair with cyber security services to create secure, reliable, scalable software solutions • Document, review and ensure that all quality and change control standards are met • Write custom code or scripts to automate infrastructure, monitoring services, and test cases • Work with vendors and partners for the successful implementation of critical tooling and platforms • Create meaningful dashboards, logging, alerting, and responses to ensure that issues are captured and addressed proactively • Evaluate new technologies for adoption across the enterprise • Participate in and lead review board sessions to drive consistency across the enterprise • Field questions from engineers, cyber teams, or support teams • Monitor tools and participate in conversations to encourage collaboration across teams • Provide application support for software running in production • Act as a technical escalation point for the engineers on the team • Provide leadership, mentoring, and coaching to Software Engineers • Attract, retain, and develop top talent to build a world class Software Engineering Team • Conduct annual and mid-year reviews by reviewing individual development plans and team feedback • Foster collaboration with team members to drive consistency across cyber security teams

• Defines and owns the Product Enablement vision and roadmap for Cyber Technology • Ensures product owners on the team maintain clear backlogs, well-defined acceptance criteria, and value-focused prioritization • Partners with Cyber Application Development & Analytics and Legal IT Systems Support to translate stakeholder needs into actionable requirements • Oversees creation and maintenance of high-quality technical documentation, runbooks, knowledge articles, and training content • Establishes standards and guardrails for documentation quality • Defines, tracks, and reports on key Product Enablement metrics • Works with vendors and internal partners on the successful implementation and optimization of critical enablement tooling and platforms • Fields questions from product teams, cyber teams, legal IT teams, and support teams related to enablement processes • Acts as a connector and facilitator across teams • Provides support for enablement tools, processes, and artifacts • Monitors feedback channels and stakeholder sentiment to identify adoption challenges • Leads, coaches, and develops a team of agile coaches, technical writers, and product owners • Sets clear goals and performance expectations aligned to cybersecurity strategy • Attracts, retains, and develops top talent to build a high-performing, inclusive Product Enablement team • Guides team members in strategy, alignment, analysis, and execution tasks • Leads the adoption and maturation of agile practices across partner teams • Standardizes ceremonies, work intake, and flow of work