• Plan, implement, and sustain ISO 27001 security controls as per the standard. • Oversee and manage information security projects across their lifecycle. • Develop and enforce information security policies, procedures, and processes. • Conduct risk assessments and snap audits for potential security threats. • Coordinate internal and external audits for compliance and certification and manage business continuity plans. • Develop and maintain Business continuity plan and conduct tabletop exercise for BCDR scenarios.

• Develop and implement strategic business plans to grow revenue and market presence through distribution partners. • Manage a portfolio of authorized distributors, fostering strong relationships and ensuring alignment with Johnson Controls’ goals. • Drive adoption of Exacq, Kantech, and Illustra solutions through joint marketing campaigns, training initiatives, and sales enablement programs. • Collaborate with internal teams to ensure operational excellence in channel support, forecasting, and supply chain logistics. • Track and analyze distributor performance metrics to identify growth opportunities and address underperformance. • Conduct regular business reviews with distributors to ensure goal alignment and pipeline visibility. • Support pricing, program, and promotional execution to maximize partner success and competitiveness. • Maintain deep knowledge of competitive landscape and evolving customer needs within the security industry.

Role Description The A.C.Coy has an immediate need for a Security Engineer. Qualified candidates will be responsible for supporting the security and compliance of the company-wide infrastructure, including networks, servers, workstations, and telecommunications systems. - Manage and maintain the organization’s Public Key Infrastructure (PKI) systems, ensuring secure encryption, certificate management, and cryptographic key lifecycle processes are in place and operating effectively. - Implement and oversee encryption solutions to protect data at rest, in transit, and in use across both on-premises and cloud environments, ensuring compliance with industry security standards. - Secure cloud environments (including AWS, Azure, and GCP) by ensuring adherence to internal security policies and industry best practices, and assist in the implementation and management of identity management, access control, and data protection within cloud services. - Collaborate with third-party vendors to securely integrate external systems. - Deploy, manage, and maintain firewalls, including Firewall-as-a-Service (FWaaS), Unified Threat Management (UTM) solutions, and Secure Web Gateways (SWG), to secure network traffic and enforce security policies. - Implement and manage advanced security technologies such as Cloud Access Security Brokers (CASB), Zero Trust Network Access (ZTNA), and other solutions to strengthen security posture. - Serve as a primary escalation point for security incidents and audits, leading or assisting in the development of mitigation strategies, post-incident reviews, and compliance reviews to ensure ongoing ISO 27001 adherence. - Act as an internal consultant to IT teams and departments, providing subject matter expertise on infrastructure security, cloud environments, and endpoint protection. - Lead reviews of infrastructure security components, recommend improvements, and develop risk mitigation strategies that align with the security posture and industry requirements. - Continuously monitor internal control systems to ensure appropriate access levels and security configurations are maintained across all infrastructure components. - Analyze daily security events and alerts in the context of policies, prioritizing and escalating issues as appropriate to support timely and effective incident response. - Evaluate security policies and procedures to identify improvement opportunities and ensure alignment with standards, industry requirements, and regulatory expectations. - Provide technical support and administration for LAN/WAN, remote access, IDS/IPS, and unified threat management systems, including troubleshooting, analysis, and the testing and deployment of new hardware and security applications. - Deploy and manage policies for antivirus and endpoint detection and response agents in collaboration with system owners to ensure effective endpoint security management. - Manage the availability and security of public domains and DNS records. Qualifications - Bachelor’s degree in Computer Science, Business, Engineering, or a related field; or equivalent work experience is required. - CISSP certification or progress toward CISSP certification is preferred. - Minimum of five years of experience in information systems, including at least one year of systems project management experience. - Proven background in applying advanced IT security concepts and extensive understanding of contemporary hardware and software architectures in a multi-site, mission-critical environment. - Experience with the development and implementation of security policies and procedures, security awareness programs, and participation in IT audits preferred. - Hands-on experience with operating system security, encryption technologies, forensic analysis, penetration testing, and vulnerability/risk assessment.

• Lead the protection and defense of UMG’s digital applications and product ecosystem with an emphasis on securing artificial technology (AI) • Focus on detecting, mitigating, and responding to AI-related security threats • Establish, lead, and execute multi-year roadmaps to mature AI security • Conduct application and product security evaluations and lead AI security assessments in a cross-functional environment • Procure and/or build technical solutions to embed automated security checks into the AI SDLC and ML-Ops • Threat model complex Agentic and AI systems and design security requirements collaboratively • Review code for security bugs in the context of AI-driven systems • Provide leadership for AI Security policies and standards in collaboration with technology risk • Provide AI/Agent subject matter expertise for AI Incidents and Security Reviews • Assist in the formation of an AI Center of Excellence (ACE)