• Collaborate with Technology and Product teams to conduct security assessments, ensuring code and infrastructure changes align with SOC 2, PCI-DSS, and internal policies. • Automate compliance and control activities such as risk assessments, vulnerability scanning, third party risk management, and control validation. • Create monitoring and detective alerts for security operations, non-compliance, and incident response. • Responsible for maintaining a healthy posture of our security tools and automations. • Provide support for third-party assessments from customers and audit evidence collection and review. • Expand beyond purely identifying gaps and risks, and own the design and implementation of monitoring and remediating them. • Span across multiple security domains, you’ll be able to flex into technical and non-technical roles to drive risk detective and mitigative projects.

• Owning, shaping, and running proof-of-concepts, beta programs, and pre-sales activities with customers and partner teams on the French market • Diving into enterprise architecture discovery and hands-on software configuration • Strategizing with and assisting customers as they move to more agile, secure, identity centric security models • Taking a consultative approach to solutions and solving challenges around next generation security transformation • Educating and enabling internal teams and partners regarding our Enterprise solution portfolios to motivate effective sales strategies • Influencing product roadmaps and ensuring the inclusion of business priorities and requirements of customers

• Deliver engaging, interactive live training sessions • Build and lead hands-on labs and exercises • Provide clear explanations of complex security concepts • Support students’ learning with feedback and Q&A • Align lessons to certification goals and industry expectations • Participate in pre-class planning and post-session debrief • Collaborate with curriculum developers on updates

• Work closely with the Product Owners, ISSOs, engineering and infrastructure staff to provide guidance on implementation if security policies, standards, and procedures • Analyze new or updated security requirements, collaborate with stakeholders, and develop responses that are clear and accurate • Support the review and update of ATO artifacts such as System Security Plans, Information System Contingency Plans, Configuration and Change Management Plans, Incident Response Plans, Privacy Impact Analysis, and more. • Interpret security risk assessment, review security scan results, assess security vulnerabilities and support the development and remediation of vulnerability and compliance issues via Plan of Action and Milestones (POA&Ms) • Support the development of implementation and design documentation relating to security feature implementation • Work with engineering and infrastructure personnel to document remediation for vulnerabilities and non-compliance issues • Analyze and interpret agency security requirements and provide governance communication to non-security personnel • Collaborate with product teams, ISSOs and other stakeholders in support of continuous monitoring and ATO efforts • Conducts vulnerability assessments and monitors systems, networks, databases and Web-based assets for potential system breaches. • Recommends and takes the lead on implementing changes to enhance security systems, prevent unauthorized access, and help mitigate security vulnerabilities. • Responds to alerts from information security tools. • Reports, investigates, and resolves higher level security incidents. • Responds to security tool outages, degradations in service, tune security rules and alerts, and setup/maintain security tool dashboards and reporting. • Research security trends, new methods, and techniques used in unauthorized access of data to preemptively eliminate the possibility of system breach. • Ensures compliance with regulations and privacy laws. • Conducts research to identify new attack vectors. • Educates and communicates security requirements and procedures to all users and new employees. • Recommend process improvements to the information system for risk mitigation. • Applies iterative security automation to all program aspects increasing overall security posture iteratively and never accepts the status quo. • Provide audit log review in Splunk, present any findings to ISSO, and plan for any investigation or remediation activities. • Periodic user and privileged access reviews.