• Lead a small technical team, overseeing day-to-day activities, technical delivery, and team performance. • Develop and maintain a cybersecurity tracking system to provide clear, centralized visibility into system status and risks. • Deliver live, automated cybersecurity updates (e.g., JIRA dashboards) to leadership, including status of ATCs, Change Requests (CRs), and connectivity timelines. • Perform gap analyses for future deployment sites to support planning and mitigation activities, including upgrades, licensing, and configuration requirements. • Support development efforts for PPSM (Ports, Protocols, and Services Management) documentation. • Conduct audits and inventory reviews, including creation of POA&M (Plan of Action and Milestones) statements as needed. • Assist in firewall ruleset development and establish standardized templates across deployment sites. • Provide onsite support for inventory analysis when required. • Contribute to the development of enterprise standard configuration guides aligned with cybersecurity best practices (e.g., Welch Allyn, SkyVue, CCE Admin Tool). • Collaborate with client HTM (Healthcare Technology Management) teams and biomedical leadership to review and validate system design documentation for medical devices and systems. • Support alignment of technical documentation and system designs with client timelines and existing infrastructure.

• Lead and manage teams responsible for architecting system connections and developing Authority to Connect (ATC) packages in compliance with agency cybersecurity policies and regulations • Serve as a technical Subject Matter Expert (SME) supporting troubleshooting efforts during smoke test events and other key operational activities • Collaborate with the Director of Cybersecurity, client leadership, and systems integrators to identify risks, track issues, and implement mitigation strategies • Oversee Identity and Access Management (IAM) and Access Office teams responsible for user provisioning and access control operations • Ensure the development, implementation, and maintenance of IAM policies, procedures, and standards • Act as SME for defining IAM standards for system interfaces and integrations • Drive continuous process improvement initiatives to enhance team efficiency, productivity, and service delivery • Promote consistent communication, documentation, and alignment across cybersecurity and IAM functions

• Support the Client program by contributing to cross-functional coordination, operational readiness, and technical execution. • Collaborate with stakeholders to ensure issues are identified early, risks are mitigated, and project activities remain aligned with program goals. • Help streamline processes, maintain accurate documentation, and promote consistent communication across teams. • Enable reliable, secure, and efficient modernization activities across the enterprise. • Develop and maintain a cyber tracker to provide clear communication on system status. • Provide leadership with live, automated cyber updates (e.g., JIRA dashboards) for ATCs, CRs, and connectivity timelines. • Perform gap analyses for future sites and support mitigation planning (e.g., upgrades, licensing, configuration requirements). • Assist in PPSM development efforts. • Support auditing and review of inventories, including creation of POA&M statements as needed. • Assist with firewall ruleset development and creation of standardized templates across deployment sites. • Provide onsite support for inventory analysis as required. • Assist in developing enterprise standard configuration guides aligned with cybersecurity best practices (e.g., Welch Allyn, SkyVue, CCE Admin Tool). • Collaborate with client HTM and biomedical leadership to review and validate documentation for medical system designs, including devices, ensuring alignment with timelines and existing infrastructure. • Support the review and validation of system design documentation to facilitate client timelines and integration with existing systems. • Provide technical guidance and support for implementation of the Risk Management Framework (RMF), including activities related to Authority to Operate (ATO) and Authority to Connect (ATC).

• Design, implement, and maintain security controls across endpoints, identity systems, networks, applications, and cloud platforms • Actively identify security gaps, emerging threats, and systemic weaknesses through continuous analysis and investigation • Engineer and refine security detection, alerting, response, and monitoring capabilities, emphasizing automation and scalability • Build and maintain security playbooks, standards, procedures, and operational documentation • Partner with IT and business teams to embed security into daily operations, workflows, and lifecycle processes • Evaluate and recommend security technologies based on effectiveness, risk reduction, and operational fit • Leverage automation, scripting, and AI assisted techniques to improve visibility, response time, and threat detection fidelity • Participate in incident response, root cause analysis, and post incident improvement efforts • Translate complex technical risks into clear, actionable insights for both technical and non technical stakeholders • Continuously research emerging threats, tools, and defensive techniques, applying learnings back into the environment