• Provide expert recommendations, advice, and input during all phases of the project: Planning, Design, Initiation, Setup, and Accreditation to the SAF/AQ Special Security Officer (SSO)/DIA Accrediting Official (AO). • Provide expertise to the U.S. government throughout the construction process and ensure that all design reviews and final plans are done in accordance with the ICD-705, TEMPEST 1/13, DoD 5200 and other DoD/IC Directives and Guidelines to ensure a final accreditation secure area at construction completion. • Advise AO of any discrepancies, variances, contractor misconduct and other securing incidents and delays.

• Define and evolve the security architecture across cloud, application, and infrastructure domains. • Lead threat modeling and risk analysis for complex systems and new product initiatives. • Develop and guide implementation of secure design principles across engineering teams. • Evaluate emerging security technologies and recommend strategic adoption. • Perform enterprise-level risk assessments and translate findings into prioritized remediation roadmaps. • Define and improve security policies, standards, and control frameworks. • Drive alignment of security practices with regulatory and compliance requirements. • Provide executive-ready summaries of risk posture and mitigation strategy. • Lead complex security investigations and incident response efforts. • Conduct root cause analysis and implement systemic improvements to reduce future risk. • Develop and refine runbooks, playbooks, and response automation. • Act as an escalation point for high-impact security events. • Partner with engineering teams to integrate security into the SDLC. • Define standards for secure code reviews and static/dynamic analysis. • Improve automation for vulnerability scanning, detection, and remediation. • Guide cloud security best practices across AWS/GCP environments. • Act as a trusted advisor to engineering leadership and cross-functional partners. • Influence technical decisions that balance security, scalability, and delivery speed. • Foster strong relationships with vendors and external security partners. • Mentor and guide junior security engineers and engineers outside the security team.

• Technical Support & Escalation: Senior technical resource for endpoint management services • Endpoint Management (Google Endpoint, JAMF & Crowdstrike): Design, implement, and maintain configuration profiles • Security Operations (EDR): Manage the deployment and health of the EDR agent • Identity & Collaboration: Administer the Google Workspace environment • Cross-Functional Strategy: Act as the technical glue between Help Desk and Security • Vendor Management: Manage relationships with IT vendors related to desktop software

• Monitor and manage serialization exceptions using TraceLink SCWM platform, ensuring timely investigation and resolution; Troubleshoot CVS Health’s traceability and verification issues, escalating to trading partners • Support the implementation of SOPs and compliance workflows for exception handling and traceability; Maintain and update knowledge management records, ensuring compliance documentation aligns with CVS Health’s policies and regulatory standards • Act as a liaison between CVS Health’s internal teams and external trading partners (manufacturers, wholesalers), addressing quarantine inventory issues and exception resolutions • Assist in training CVS Health teams (Retail pharmacies and distribution centers, PBM Mail, PBM Specialty, etc.) on serialization compliance, exception management, and best practices • Support the development of systems and processes needed for on-going exceptions management. Stay up to date with DSCSA compliance milestones, providing input for process improvements and regulatory updates