• Deliver successful consulting engagements across multiple Risk offerings while maintaining a high degree of customer satisfaction. • Perform qualitative and quantitative risk assessments using industry-recognized frameworks, such as FAIR, ISO 31000, 30101, 27005, NIST 800-30, etc. as a lead consultant. • Provide advisory services to GuidePoint customers to help mature their cyber risk management and information security programs. • Establish strong relationships and trust with customers to understand customers’ business environments and requirements. • Work with other GuidePoint Security practices as part of a cohesive cross-functional team. • Remain current on industry developments and incorporate into service delivery. • Strong ability to work independently and multi-task on multiple projects simultaneously. • Ability to contribute to practice and offering development. • Provide mentorship to other Risk consultants and team members. • Personal drive and passion for growing themselves and the Risk Practice. • Clear communication skills.

• Lead the design and implementation of secure architecture to support apree's evolving tech stack. • Build out and refine security automations related to vulnerability scanning, configuration management, IT integrations, detection engineering and automated incident response. • Provide Tier 4 (expert-level) support for complex cloud security incidents, escalations, and system issues. • Collaborate with engineering, IT, compliance, and business stakeholders to ensure security standards and policies are implemented consistently. • Stay current with emerging security threats, cloud technologies, and regulatory frameworks relevant to healthcare.

• Define, implement, communicate and maintain security strategy, policies, goals and requirements aligned with business strategy, and manage security resources, to support the company’s objectives • Work with the Security Council and Remote’s senior leadership in developing Remote’s Information Security vision, strategy and road-map of Remote’s Security function • Recruit and nurture individual growth to build an autonomous and high performing Security team • Be an advocate of information security best practices and proactively looking to improve and drive Remote’s security posture, driving efforts to improve Security Awareness across company • Drive Remote’s security risk management program, by partnering with Legal, Data Protection and Finance in developing and managing our enterprise risk management framework(s), and collaborating with senior leaders in reducing Information Security risks • Manage and improve upon our Application Security initiatives and personnel to make sure Remote is delivering the most secure Platform possible to its customers • Build a Security Incident Response processes and culture within the Security Team • Report to Remote’s top management about security risks, threats and their potential impact, incidents and security performance • Drive security compliance requirements from customers, standards and regulations • Supervise the management and improvement of Remote’s ISMS as defined in Remote’s ISMS roles and responsibilities document

• Embed robust security practices throughout the software and AI development lifecycle (SDLC). • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services. • Partner with engineering and product teams to ensure security, privacy, and compliance by design. • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows. • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments. • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft. • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act. • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations. • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management. • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction. • Build internal frameworks for continuous assurance and real-time vulnerability management. • Define and maintain reference security architectures for microservices, APIs, and AI-powered systems deployed in the cloud. • Mentor teams on secure coding, containerization best practices, and AI risk management. • Promote a security-first culture through advocacy, documentation, and training. • Represent product security in cross-functional initiatives and leadership discussions.