• Develop and maintain a comprehensive product cybersecurity architecture for our product ecosystem, ensuring alignment with industry standards and business objectives. • Stay well-informed of emerging cybersecurity threats and technologies; continuously updating our cybersecurity strategies and solutions accordingly. • Oversee and evaluate the implementation of cybersecurity controls, including but not limited to, encryption, access controls, network security, and secure coding practices. • Collaborate with product development teams to incorporate cybersecurity into the design and development lifecycle of products. • Liaise with external cybersecurity vendors and partners, managing relationships, and ensuring the effective integration of third-party security solutions. • Responsible for career development and performance management of the team. • Document, maintain, and lead the implementation of key activities in the cybersecurity management system. • Conduct, with a cross-functional team, a thorough threat analysis and risk assessment for existing and new products; identifying potential vulnerabilities and proposing mitigation strategies. • Complete the evidence to support the safety case claims for product cybersecurity. • Ensure compliance with relevant industry, regulatory, and organizational cybersecurity standards and policies. • Represent Torc at external standards and industry bodies and communicate our product cybersecurity approach. • Prepare and present reports on cybersecurity architecture, risk assessments, and mitigation strategies to senior management and relevant stakeholders. • Participate in and support product cybersecurity incident response and forensic activities. • Coordinate and share cybersecurity information, risk assessments, and incident updates with IT and Enterprise Cybersecurity teams to ensure consistent alignment of product cybersecurity practices with enterprise-wide standards and response protocols.

• Supports the management and oversight of compliance-related data assets • Performs data validation, reconciliation, and quality checks • Partners with Compliance, Legal, IT, Web Development, and Data Engineering teams • Escalates data quality or compliance risks appropriately • Assists in enforcing data governance, privacy, retention, and access control policies

• Lead and continuously evolve the global security strategy, ensuring alignment across all regions and business units. • Govern and enhance security capabilities and frameworks, including global protocols, mandatory e‑learning, and Essential Security Training (EST). • Strengthen travel risk and crisis management, supporting GRT, approving high‑risk travel, and ensuring preparedness globally. • Oversee global investigations, building investigation capabilities across regions and sites. • Ensure strong internal alignment with BU SHE leads and key functions (Audit, Insurance, Legal, Ethics, D&T, Finance, Communications). • Manage strategic external partnerships (Control Risks, International SOS, ISMA, and others). • Maintain clear communication through the GOE Security SharePoint and global platforms, ensuring visibility and easy access to guidance. • Provide support to EMEA sites by operationalizing global security protocols, validating security risk assessments, and supporting crisis readiness and major incident response. • Deliver key security trainings (EST, Crisis, SPHERA, ISOS) across the region and engage regional SHE leads, country leaders, and NPoRs to ensure alignment on security priorities and high‑profile events.

We are seeking a dedicated and experienced individual with a strong background in information security and technology to join our growing Managed Security Service Provider (MSSP) within the Security Operations Center (SOC).  As a SOC SIEM Analyst, you will play a crucial role as the technical expert who ensures our SIEM platform runs at peak performance and provides actionable security intelligence. This individual will be a key part of our security infrastructure team, working closely with SOC Analysts and IT staff. You must live in one of these locations to be considered for this remote position. (Connecticut, Delaware, Florida, Georgia, Illinois, Maryland, Massachusetts, New York, South Carolina, North Carolina, Tennessee, Texas, Utah, Virginia,Vermont, DC, Kentucky, Pennsylvania, Ohio or Washington.)   Duties/Responsibilities: - SIEM Platform Management - Administer and maintain the SIEM platform, ensuring system health, performance, storage, and availability. Perform updates, patching, and backups regularly. - Log Source Integration - Coordinate with internal and client teams to onboard new log sources, ensuring accurate and efficient data collection and parsing. - Content Development and Optimization - Create, tune, and manage SIEM content including correlation rules, alerts, dashboards, and reports to enhance detection capabilities and reduce false positives. - Performance Monitoring and Optimization - Analyze SIEM performance metrics and implement improvements to support scalability and high-speed querying. - Documentation and Reporting - Maintain documentation for SIEM architecture, processes, and procedures. Generate reports on system health, performance, and security metrics for management and compliance. - Security Incident Response - Conduct in-depth analysis and investigation of security incidents. Collaborate with SOC analysts to escalate and resolve advanced threats. - Client Engagement and Advisory - Assess client security needs and recommend tailored solutions aligned with Kraft Kennedy SOC standards. Develop and implement security policies to strengthen client security posture. - Collaboration and Support - Provide technical guidance and support to the SOC team. Troubleshoot SIEM-related issues and ensure timely resolution. - Continuous Learning and Threat Awareness - Stay current with emerging security trends, technologies, and threats to proactively safeguard client environments.