• Risk & compliance tracking against government standards (e.g. CCPA, NIST, SOCII). • Tracking and remediation management of vulnerability issues and system patches. • Review and recommend additional or changes to existing AWS security-minded services. • Work with managed security service provider to triage and respond to potential security events. • Grow, as needed, the data fed to SIEM to provide visibility into potential security events. • Develop security-minded reports and dashboards for the Exec team, and for techies. • Develop and deploy security system alerting and monitoring strategy. • Systems access level inventory and auditing. • Provide as-needed security-minded operational support of our applications and platforms. • Partner with development teams on security architecture decisions. • Implement tagging and reporting strategy to measure security event risk/impact. • Gain functional knowledge of all Encoura applications. • Serve in an on-call rotation for security, or potential security-related issues.

The Ewing Internship Experience Video Develop the skills and experience you need to succeed in the workplace while making the world a little greener at Ewing, the largest family-owned supplier of landscape and irrigation products in the U.S. During an internship at Ewing, you can expect to grow your skills, knowledge, and experience in wholesale distribution by working in several different job functions in our rotational program. You will gain operations experience working alongside our Branch Service Professionals learning counter sales, shipping, and receiving. Shadowing and performing the duties of a Branch Manager exposes interns to strategic planning and operations of running a branch. Interns will gain sales experience working alongside some of our Account Managers performing sales calls and activities to grow the business. Lastly, interns are exposed to high-level leadership through the mentoring from Regional and Divisional Managers allowing exposure to the strategic development of the business and our employees. All interns will be given the opportunity to work on a Capstone Project, where interns use their knowledge, skills, and interests to develop process improvement strategies for Ewing! Examples of projects include but not limited to… - Customer churn outreach - Conducting employee “stay” interviews - Social media outreach - Customer satisfaction exploration - Learning & Development activity effectiveness - And more! At the completion of the project, you will get the opportunity to present your findings and show off your hard work to a group of company executives. A great experience throughout!

• Lead customer due diligence questionnaire (DDQ) and RFP response process and third-party risk management process; track and manage high volume of DDQ and RFP requests. Coordinate and collaborate with internal teams to meet tight deadlines. Handle a high volume of requests and interactions in a fast-paced environment • Support enterprise sales with technical customer security discussions • Lead SOC 2 Type II audit preparation, evidence collection, and remediation • Conduct third party vendor security assessments, collaborate on third party risk management processes • Implement and manage third party tool and new processes to create efficiencies • Develop the security narrative and conduct security reviews for new product functionality to enable GTM • Review and negotiate security and compliance language in customer contracts in collaboration with Legal team • Build and manage Trust Center integrations and public-facing security documentation in collaboration with Legal team • Build customer-facing compliance artifacts (security whitepapers, certifications)

• Performs a variety of routine project tasks applied to specialized information assurance problems. • Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements. • Analyzes information security requirements. • Applies analytical and systematic approaches in the resolution of problems of workflow, organization, and planning. • Provides security engineering support for planning, design, development, testing, demonstration, and integration of information systems.