• Assist in gathering, organizing, and maintaining documentation for security authorization packages • Support the development and upkeep of System Security Plans (SSPs) • Help track and document Plans of Action and Milestones (POA&M) • Participate in security control assessments (SCA) under the guidance of senior staff • Assist in vulnerability scanning, tracking, and basic analysis • Maintain and update various security compliance documents • Collect and organize evidence for security controls implementation • Support continuous monitoring (ConMon) tasks to maintain system authorization • Participate in security meetings, working groups, and status reviews • Learn and apply the NIST Risk Management Framework (RMF) to real-world projects • Assist in preparing basic security documentation , reports, and checklists • Support system inventory maintenance and asset management • Help track security metrics and contribute to report generation • Assist with basic security testing activities under supervision

• You will be the sole dedicated security professional, responsible for both defining the strategy and executing the technical work. • Collaborate extensively with the existing technology team (Engineers, Leadership, Helpdesk) to implement all necessary security changes. • Define and champion a comprehensive, multi-year information security strategy aligned with business objectives, risk tolerance, and industry growth. • Own the selection, implementation, and continuous auditing of the NIST Cybersecurity Framework (CSF) across the entire organization. • Develop and present clear, concise security reports, risk posture summaries, and strategic investment requests to Executive Leadership and the Board of Directors. • Lead the formal security risk management program, including top-level risk assessments and prioritization.

• Implement and configure SAP IAG, SAP IAS, and SAP IPS in strategic projects; • Work on identity management and access administration; • Perform Fiori authorization tasks (catalogs, groups, roles, and authorizations); • Integrate with authentication and identity platforms; • Collaborate with the team and report progress in an organized manner.

• Design a robust security system to protect the company’s computer systems and networks from threats • Designing robust security architectures for IT projects, including M&A activities • Developing and maintaining security standards, and guidelines • Conducting system security and vulnerability analyses and risk assessments • Identifying integration issues and develop solutions to these issues • Ensuring the architecture and security systems align with the business’s goals and requirements • Researching, designing and advocating new technologies, architectures, and security products • Ensuring compliance with the changing laws and applicable regulations • Participating in Incident Response and Forensic investigations • Working with IT department and members of the information security team to design, implement, manage, and report on, the effectiveness of security controls • Staying up to date with the latest security systems, standards, authentication protocols, and products • Plan and implement security measures to protect sensitive data and systems from infiltration and cyber-attacks • Design and implement user identity access management systems • Evaluate new cybersecurity threats and IT trends and develop effective security measures • Work very closely with infrastructure and application teams to secure Henry Schein systems and data