Role Description Aretum is seeking a skilled and highly motivated Security / RMF Engineer. As a Security / RMF Engineer, you will ensure compliance with VA security requirements and manage ATO lifecycle. Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements. Responsibilities - Develop and maintain RMF documentation (SSP, POA&M, SAR inputs) - Map and implement security controls across system layers - Coordinate with VA security stakeholders - Support vulnerability scanning and remediation - Enable continuous monitoring and compliance - RMF Framework: NIST 800-53, control families, tailoring - ATO Process: SSP development, POA&M management, authorization workflows - ServiceNow GRC (or similar): Documentation and tracking - Cloud Security: AWS security controls, shared responsibility model - Identity & Access Management: RBAC, least privilege, federation concepts - Encryption: TLS, data-at-rest encryption, key management (KMS) - Vulnerability Management: Scanning tools, remediation workflows - Logging & Monitoring: SIEM integration (Splunk, Datadog concepts) - Network Security: Segmentation, ingress/egress control, TIC awareness - Compliance Standards: HIPAA awareness, FISMA/FEDRAMP basics - DevSecOps Integration: Security in CI/CD pipelines - Risk Assessment: Identifying and documenting system risks and mitigations Travel Requirements This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible. Qualifications - Public Trust Eligibility Required - U.S. Work Authorization: Due to federal contract requirements, only U.S. citizens are eligible for this position. Requirements - Ability to obtain and maintain a Public Trust or Suitability Determination, depending on the agency’s background investigation requirements. Benefits - Health Care Plan (Medical, Dental & Vision) - Retirement Plan (401k) - Life Insurance (Basic, Voluntary & AD&D) - Paid Time Off - Family Leave (Maternity, Paternity) - Short Term & Long-Term Disability - Training & Development EEO Statement Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance. As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws. We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience. If you require reasonable accommodation during the hiring process due to a disability, please contact hr@aretum.com for assistance.

Director, Security Professionals Location: Contiguous US (within commuting distance of a major airport, Central or Eastern time zone preferred) ASSA ABLOY is a global leader in door opening solutions dedicated to providing a safe, secure, and accessible building environment. Every day, we help billions of people move through a safer, more open world with ease. If you’ve ever walked through an automatic door, stayed in a hotel, or gone through passport control, you’ve probably used one of our products or services. ASSA ABLOY’s offerings include products and services related to locks, doors, gates, and entrance automation such as controlling access and confirming identities with keys, cards, tags, mobile and biometric identity verification systems, mechanical and digital locks, cylinders, security doors and automated entrances. What you will be doing: This role will lead the business development strategy and day to day engagement of the ASSA ABLOY Security Partner program throughout the United States. The ASSA ABLOY Security Partner program was established in 2006 and has served as a business building catalyst for ASSA ABLOY and the partner members. This role is designed for an out‑of‑the‑box thinker and builder, someone who can independently create and implement innovative programs that strengthen partner loyalty, increase share of wallet, and position ASSA ABLOY as the preferred solutions provider within the Security Professional community. Key areas you will contribute to the role include: Channel Strategy & Business Growth: - Own and execute the national strategy for the Security Professional (locksmith) channel, aligned with ASSA ABLOY DSS USA growth objectives. - Drive revenue growth, product adoption, and partner engagement across a large group of key locksmith customers. - Identify whitespace opportunities, emerging trends, and unmet partner needs to fuel new business‑building initiatives. Partner Engagement & Program Development: - Design and implement creative, scalable engagement programs that motivate partners to lead with ASSA ABLOY solutions. - Build structured partner programs focused on differentiation, loyalty, and lead generation - Serve as the primary channel advocate internally, ensuring partner feedback influences product, marketing, and go‑to‑market decisions. Marketing & Communication Leadership: - Lead annual events for Security Partner participants including conference and business building programs (2X) to drive networking, business building strategies and loyalty through the process. - Collaborate with brand and channel marketing teams to deploy marketing content tailored to the security professional audience, ensuring clarity, relevance, and consistency. - Develop campaigns, tools, and messaging that resonate with locksmith businesses of varying sizes and sophistication. - Drive clear, compelling communication of ASSA ABLOY’s value proposition across mechanical, electromechanical and electronic access solutions. Training & Capability Building: - Lead the development and execution of training programs that build partner confidence, technical knowledge, and selling effectiveness. - Leverage best‑in‑class industry practices to create blended learning approaches (in‑person, virtual, on‑demand). - Ensure training initiatives translate directly into improved field execution and increased solution adoption. What success looks like: - Increased engagement, loyalty, and advocacy across the Security Professional channel. - Measurable sales growth and expanded adoption of ASSA ABLOY solutions within partner businesses. - Strong participation in training, marketing, and business‑building programs. - Clear momentum and excitement among locksmith partners to lead with ASSA ABLOY as their primary solutions provider. What we are looking for: - You have excellent written and verbal communication skills. - You're a multi-tasker who can manage time and projects excellently. - You’re an excellent active listener and negotiator with the ability to decipher customer needs and issues. - You have strong business acumen and professional sales closing skills. - You are data-driven and organized to be able to create, track, and present results. - You have industry-related technical and sales aptitude. - You are a creative problem solver that develops solutions for channel partners & end users. - Ability to develop and present compelling presentations. - Ability to read, understand specifications/facility standards, and have. - Ability to coordinate customer and internal cross functional engagement. - Ability to travel (35%) within territory to meet requirements of customers. - Ability to perform responsibilities both in a home office environment or while traveling. - You can lift/carry up to 50 lbs. of sample and display material for sale presentations. Education and/or experience: - Your background includes a Bachelor’s degree (preference for specialization in related curricula such as: sales, business, architectural design/engineering, construction science/management, or similar) or have work experience commensurate with, minimum high school/GED diploma. - Five to Ten (5-10) years or more sales experience in Door Hardware / Security / EAC industry preferred. - Familiarity with key vertical markets of Education, Healthcare, Government, Fortune 500 & Multi-Family. - Familiarity with key channels – Security Professionals (Locksmiths), Integrators, Wholesale Distribution. - Knowledge of ASSA ABLOY product solutions and competitive offerings preferred. - Affiliation and interaction with key industry associations (ASIS, DHI, SHDA, ALOA, etc.). - Proficiency in Microsoft Office tools. - Utilization and maintenance of CRM tools and other industry-related software for sales and activity reporting. What you can look forward to: - Local, Regional and National Leadership support to develop and implement plans, programs, initiatives and events. - Collaboration with local sales teams including product and technology specialists, end user and other channel business development specialists. - Direct support and engagement with Regional Director of Sales - Aftermarket & Brand Business Development personnel to leverage programs, products and resources to execute business plans. - Industry leading brands, customer incentive programs, training resources, and a team of hardworking colleagues dedicated to mutual success. ASSA ABLOY offers a competitive compensation and benefits package, including discretionary bonus, a 401(k) plan, medical/dental/vision/life insurance, education assistance, company car, and an environment that reflects our commitment to our employees. Further benefits include paid time off for thirteen holidays and ten vacation days. The wage range for this role is $130K – $160K and considers a broad scope of factors that are considered when making compensation decisions. Pay within each range is based on a variety of factors including, but not limited to, to primary work job-related knowledge, skills, experience, training, licensure and certifications, business requirements, geographic location and other business and organizational needs. This salary range is a reasonable estimate for this position at the time of posting. ASSA ABLOY conducts regular review of compensation ranges and therefore reserves the right to alter this range at any given time. “Let’s open the doors to the future – together!” Working for ASSA ABLOY means that you will be part of a dynamic environment, developing innovative solutions to improve our customers' lives. As the global leader in door opening solutions, we are using the latest technologies to open doors to events, hospitals, education, homes, hotels, airports and businesses. Joining ASSA ABLOY means being part of a fast-moving company with many opportunities. ASSA ABLOY is an Equal Opportunity Employer/Minorities/Females/Disabled/Veteran We are the ASSA ABLOY Group Our people have made us the global leader in access solutions. In return, we open doors for them wherever they go. With nearly 63,000 colleagues in more than 70 different countries, we help billions of people experience a more open world. Our innovations make all sorts of spaces – physical and virtual – safer, more secure, and easier to access. As an employer, we value results – not titles, or backgrounds. We empower our people to build their career around their aspirations and our ambitions – supporting them with regular feedback, training, and development opportunities. Our colleagues think broadly about where they can make the most impact, and we encourage them to grow their role locally, regionally, or even internationally. As we welcome new people on board, it’s important to us to have diverse, inclusive teams, and we value different perspectives and experiences.

• Support ISO, SOC 2, and CMMC compliance activities under the direction of the Director of Compliance • Assist with internal and external audit preparation, including: • Collecting requested evidence • Tracking auditor requests • Organizing documentation for review • Maintain compliance artifacts such as control matrices, evidence folders, spreadsheets, and trackers • Track remediation items and follow up with control owners as directed • Update and maintain compliance documentation, policies, procedures, and logs as instructed • Manage version control and ensure documentation is current and properly stored • Prepare draft reports, summaries, and status updates for compliance leadership • Maintain audit calendars, timelines, and task lists • Coordinate meetings related to compliance and audits, including scheduling, agendas, notes, and action-item tracking • Serve as a point of contact for routine compliance-related requests and information gathering • Communicate clearly with internal teams to obtain documentation and updates, escalating issues when needed • Assist with maintaining awareness of compliance requirements across applicable frameworks (ISO 27001, SOC 2, CMMC) • Support compliance training and awareness activities as directed • Perform other compliance-related administrative or support tasks as assigned

Talcott Financial Group* is an international life insurance group and the industry’s trusted partner for comprehensive risk solutions. Talcott creatively designs and expertly delivers responsive solutions that transfer risk and manage capital in a way that supports the strategic needs of insurers today and into the future. Talcott Financial Group has a proven track record of well-executed transactions, and the enterprise benefits from its strong financial position with over $127 billion in assets under management, its investment-grade financial strength ratings, and its partnership with Sixth Street, a leading global investment firm. Talcott Financial Group’s two core business platforms include: U.S. based Talcott Resolution and Bermuda and Cayman based Talcott Re. Overview: We are seeking a highly skilled and motivated cybersecurity Engineer to help advance our enterprise security strategy. This role reports directly to the Chief Information Security Officer and partners closely with senior leadership, IT teams, and business units to strengthen and mature our security posture. The ideal candidate brings deep technical expertise, strong analytical capabilities, and the ambition to grow into broader leadership responsibilities. Key Responsibilities: - Analyze and interpret advanced cyber threats, providing clear, actionable insights. - Stay ahead of emerging risks by maintaining a strong understanding of the evolving threat landscape. - Communicate security issues and recommended remediation clearly to technical teams and executive stakeholders. - Oversee critical security services, including vulnerability management, firewalls, certificate management, SOC operations, and data loss prevention. - Design, engineer, and maintain secure identity platforms across Active Directory and Entra ID. - Lead the architecture, governance, and automation of cloud security controls. - Implement and manage PKIaaS to streamline enterprise certificate lifecycle management. - Evaluate new technologies through research and proof‑of‑concept efforts, advising leadership on impactful security investments. - Advise business and IT partners on building secure processes and systems. Qualifications: - Bachelor’s degree in Information Security, Computer Science, Information Systems, or similar field. - Minimum of 10 years of cybersecurity or relevant IT experience. - Professional certifications (CISSP, GIAC, ISACA, etc.) are preferred - Deep experience with Active Directory, Group Policy, and Entra ID are required - Hands‑on expertise with network security technologies (firewalls, IDS/IPS, malware defense, DDoS/bot mitigation, proxies, ACLs, wireless security). Palo Alto experience is a plus. - Experience with cloud security across Azure, Oracle Cloud, and O365. - Strong understanding of enterprise threat analysis, mitigation strategies, and application‑layer security. - Solid knowledge of networking and web protocols (TCP/IP, HTTPS, IPsec, DNS). - Experience conducting network and application vulnerability assessments. - Familiarity with encryption, data protection, DLP, and endpoint security. - Experience designing, implementing, and operating enterprise Public Key Infrastructure (PKI). - Understanding AI cybersecurity risks and mitigation strategies. - Deep experience with Active Directory, Group Policy, and Entra ID. - Practical understanding of container and API security concepts (image scanning, runtime protection, secrets management, gateway/WAF, auth/z, rate limiting). - Proven ability to collaborate across organizational and vendor teams. - Strong decision‑making skills with the ability to balance security and business needs in a dynamic environment. - Excellent written and verbal communication skills. Compensation: This range represents the minimum and maximum annual base salary we reasonably expect to pay for this role at the time of posting. The actual base pay could vary and may be above or below the listed range. The base pay is based on factors including but not limited to experience, competence, and demonstration of proficiencies essential for the role. The base pay is just one component of Talcott’s total annual compensation for employees. Other compensation may include annual bonuses, long-term incentives and recognition. *This role is not eligible for visa sponsorship. Applicants must be authorized to work in the United States on a full-time basis without current or future visa sponsorship. **Talcott Financial Group is an equal employment employer. All qualified applicants will receive consideration without regard to race, color, sex, religion, age, national origin, disability, veteran status, sexual orientation, gender identity or expression, marital status, ancestry or citizenship status, genetic information, pregnancy status or any other characteristic protected by law. Talcott Resolution maintains a drug-free workplace. For more information regarding our Privacy Policy, please go to https://talcott.com/onlineprivacypolicy/onlineprivacypolicy.html