• Develop and implement the organization's information security strategy. • Provide regular security updates to the CIO, other executives, and the board of directors, including presentations on security matters. • Represent the organization in security-related matters with external parties, including vendors and auditors. • Work closely with the CIO and operate as a member of the DevOps team to emphasize and implement security initiatives. • Conduct regular risk assessments and vulnerability scans using tools like Rapid7 IVM and internal tracking systems. • Oversee the development and implementation of incident response plans and conduct tabletop exercises with DevOps team members. • Ensure compliance with relevant regulations and standards, including HITRUST, NIST, DirectTrust, HIPAA, SOC 2 (Type II), ISO. • Manage internal and external security audits, including evidence collection and preparation. • Develop, review, and update information security policies and procedures, including the Vulnerability and Patch Management Procedure and Data Center Access Procedure. • Participate in the day-to-day operations of the security team and manage security tools and technologies, including Check Point, SentinelOne, and intrusion detection systems. • Lead and mentor the security team, reviewing tasks and responsibilities working closely with the DevOps team members. • Evaluate and manage security vendors, including VDA Labs, KnowBe4, and perform vendor audits.

• Execute outbound prospecting campaigns via phone, email, and LinkedIn • Qualify inbound and outbound leads to identify sales-ready opportunities • Educate prospects on Tech, SaaS, cybersecurity, FinTech, and AI solutions • Set qualified meetings and demos for Account Executives • Research target accounts and identify key stakeholders • Maintain accurate CRM records and pipeline activity

• Provide expert recommendations, advice, and input during all phases of the project: Planning, Design, Initiation, Setup, and Accreditation to the SAF/AQ Special Security Officer (SSO)/DIA Accrediting Official (AO). • Provide expertise to the U.S. government throughout the construction process and ensure that all design reviews and final plans are done in accordance with the ICD-705, TEMPEST 1/13, DoD 5200 and other DoD/IC Directives and Guidelines to ensure a final accreditation secure area at construction completion. • Advise AO of any discrepancies, variances, contractor misconduct and other securing incidents and delays.

• Define and evolve the security architecture across cloud, application, and infrastructure domains. • Lead threat modeling and risk analysis for complex systems and new product initiatives. • Develop and guide implementation of secure design principles across engineering teams. • Evaluate emerging security technologies and recommend strategic adoption. • Perform enterprise-level risk assessments and translate findings into prioritized remediation roadmaps. • Define and improve security policies, standards, and control frameworks. • Drive alignment of security practices with regulatory and compliance requirements. • Provide executive-ready summaries of risk posture and mitigation strategy. • Lead complex security investigations and incident response efforts. • Conduct root cause analysis and implement systemic improvements to reduce future risk. • Develop and refine runbooks, playbooks, and response automation. • Act as an escalation point for high-impact security events. • Partner with engineering teams to integrate security into the SDLC. • Define standards for secure code reviews and static/dynamic analysis. • Improve automation for vulnerability scanning, detection, and remediation. • Guide cloud security best practices across AWS/GCP environments. • Act as a trusted advisor to engineering leadership and cross-functional partners. • Influence technical decisions that balance security, scalability, and delivery speed. • Foster strong relationships with vendors and external security partners. • Mentor and guide junior security engineers and engineers outside the security team.