• Lead the execution of cybersecurity risk assessments across products, SaaS platforms, infrastructure, cloud environments, vendors, and business processes • Apply NIST RMF (800‑37, 800‑30, 800‑53), ISO 27001/27701/22301, and internal Blue Yonder cybersecurity standards in all assessments • Maintain and enhance the enterprise risk register, ensuring all risks are documented, categorized, and monitored • Develop and drive risk‑response plans, collaborating with system owners, product teams, engineering, and cloud operations • Validate mitigation effectiveness and track remediations through closure • Provide expert recommendations on security controls, configuration standards, and compensating controls • Build KPIs, KRIs, dashboards, and reporting mechanisms to measure risk posture and program performance • Present risk trends, escalations, and mitigation progress to senior leadership • Ensure compliance with internal policies such as Cybersecurity Policy, Access Control Policy, Acceptable Use, and Information Classification Standards • Partner with Threat & Vulnerability Management, Application Security, Security Architecture, and GRC teams to ensure unified risk strategy and visibility • Collaborate with Legal, Compliance, and Commercial teams on contract risk requirements and customer security obligations • Promote a risk‑aware culture by educating stakeholders on risk principles, threat landscapes, and security responsibilities • Contribute to ongoing training and awareness initiatives aligned with Blue Yonder’s enterprise security program

MAIN PURPOSE OF THE JOB: ​​​As the IT Security Operations Engineer, you will play a crucial role in the analysis, design, implementation, and ongoing management of security controls. The IT Security Operations Engineer is responsible for maintaining the confidentiality, integrity, and availability of our information assets, safeguarding against emerging threats and vulnerabilities. This role involves managing complex projects, spearheading continuous improvement initiatives, and implementing innovative technologies and methodologies to maintain robust cybersecurity defenses against evolving threats. ​You will contribute to steering Viant to face future cybersecurity challenges. Leveraging your strong technical expertise to develop, deploy, and implement innovative solutions that enhance reliability, scalability, and our security posture. By aligning IT Security with business objectives, you will ensure the uninterrupted production of medical devices. ​Additionally, you will have the opportunity to work with every site and department within Viant, fostering personal growth and professional development through diverse interactions and projects. As an associate within Viant IT, you will embody and promote Viant values, ensuring that you operate with integrity, accountability, and a commitment to excellence. You will play a crucial role in contributing to the overall success of Viant as a whole.​​ KEY RESPONSIBILITIES AND DUTIES: - ​​​Act in alignment with the core values of the company, demonstrating agility, teamwork, leadership, ownership, customer focus, and integrity in all actions. - ​Provide support outside regular working hours to ensure Viant’s security and address urgent issues when required to support business operations. - ​Engage actively in company-wide and site-specific projects aimed at continuous improvement of processes. - ​Analyze and assess the effectiveness of existing security controls, policies, and procedures. - ​Design, implement, and configure security measures to enhance the protection of Viant's IT environment. - ​Conduct ongoing analysis of emerging threats and vulnerabilities, providing proactive recommendations for control improvements. - ​Design, implement, and continuously improve Zero Trust security controls, focusing on identity, device posture, least privilege, and continuous verification. - ​Own the end‑to‑end vulnerability management lifecycle, including discovery, prioritization, remediation tracking, and risk acceptance. - ​Correlate vulnerability data with asset criticality, exploitability, and business impact. - ​Collaborate with internal teams and external vendors to ensure the operational efficiency of security controls. - ​Configure and manage intrusion detection systems, network forensics, and endpoint security solutions. - ​Independently evaluate and enhance security controls to ensure alignment with industry best practices and organizational goals. - ​Provide expertise in the development and execution of disaster recovery controls. - ​Conduct regular internal security audits to assess compliance with established controls. - ​Monitor and respond to cybersecurity incidents, working alongside the Security Incident Response Team in incident response activities. - ​Safeguard sensitive information and adhere to applicable regulations and policies. - ​Lead post-incident analysis to ensure accurate root causes of incidents are identified, appropriate preventive actions are realized and tracked, and to reduce the likelihood of future cybersecurity events. - ​Manage physical security controls and manufacturing systems. - ​Contribute to the development of cybersecurity reports and business technical guidance. - ​Stay informed about cybersecurity trends and contribute to the development of the Viant security strategic plan. - ​Collaborate with the IT Security Manager on cybersecurity risk management and vendor risk management. - ​Work closely with the Security Team on identity access management and user access control. - ​Collaborate with relevant stakeholders for 3rd party cybersecurity audits, penetration testing, and vulnerability assessments. - ​Maintain and update documentation related to security procedures and configurations. - ​Maintain knowledge of Viant corporate IT policies and Viant privacy policies. - ​Report any security incident or suspected security incident to the Viant Security Incident Response Team. - ​All other duties as assigned.​​ POSITION REQUIREMENTS: Knowledge/Education: - ​​​Bachelor’s degree in information security, Cybersecurity, or a related field required - ​Security + required - ​Microsoft 365 certifications preferred - ​CISSP preferred​​ Job Experience: - ​​​​​7+ years of system administrator experience required - ​4+ years in IT Security Operations experience required - ​3+ years of manufacturing experience preferred - ​Preferred prior experience working from home with designed work area and high-speed internet connection​​​​ Skills/Competencies: - Ability to work effectively in a fast-paced team environment as well as independently. - Resourcefulness in handling unexpected challenges. - Must have excellent time management skills with the ability to work independently with little supervision. - Highly self-motivated, enthusiastic, who has the ability to understand and take the “big picture” into account - Strong aptitude for working with technology, ability to learn and absorb innovative technologies quickly. - Proven capability in managing multiple tasks simultaneously and prioritizing time efficiently. - Demonstrated understanding of fundamental critical thinking concepts, with a proven ability to apply these principles to effective problem solving. - Proven documentation skills including policies and procedures. - Pro-active in identifying potential issues with a proposed process or systems change. - Advanced understanding of cybersecurity principles, protocols, and best practices. - In-depth working knowledge of networking, firewalls, routing, switching, and wireless technologies. - Experience with intrusion detection systems, network forensics, and endpoint security solutions. - Configuring, managing, and utilizing SIEM for security event monitoring, log correlation, and incident detection.  - Expertise in designing, configuring, and managing security controls. - Ability to conduct proactive research on emerging security threats and vulnerabilities. - Strong analytical, problem-solving, and troubleshooting skills. - Capacity to work independently and as part of a team in a fast-paced environment. - Proven experience in coordinating with counterparts in a distributed organization. - Stay up-to-date with the latest developments in cybersecurity. - Microsoft 365 Services (Entra, Intune, Security, Compliance, Endpoint, Purview) - Hands‑on experience with Zero Trust concepts, identity‑centric security, and conditional access controls. - Practical experience securing Azure and/or AWS cloud environments. - SPF, DKIM, DMARC understanding - Active Directory hardening - Endpoint hardening (Windows, Linux, IOT, Mobile) - Network IDS, IPS, secure wireless standards - Disaster Recovery design, planning, implementation, and testing - Ransomware protection - EDR/XDR experience - Penetration Testing - Endpoint encryption - Identity Threat Protection - Data Loss Prevention - Backup immutability and air gapping - Privileged Access Management - User Access Controls Travel: - Up to 25% of the time or as needed - We offer market competitive compensation. Potential salary range for this role is $100k-$130k. Actual pay will be determined based on experience, qualifications, geographic location, and other job-related factors permitted by law.

Job DetailsPosition Summary Apium Swarm Robotics (ASR) is revolutionizing swarm autonomy software for air, surface, undersea, and ground vehicles operating across dual-use commercial and defense environments. Our systems are deployed on real platforms, tested in the field, and delivered to customers operating in complex, uncertain, and safety-critical conditions. We do not build research prototypes or slideware. Our software is integrated into real vehicles, tested in the field, and delivered to customers who depend on operational reliability, speed of execution, and mission relevance. We prioritize performance over hype. ASR systems represent the next phase in autonomy: collaborative swarming. These are not like pre-programmed drones for light shows. We are creating real-time cooperative management that lets one operator control dozens to hundreds of vehicles in real-time with the ease of controlling a single vehicle. As such, this role requires comfort with responsibility, ambiguity, and operational accountability. ASR seeks a Senior DevSecOps Engineer to build the company’s government-grade security and compliance engineering practice from the ground up. You will architect the CI/CD security pipeline, own our CMMC compliance posture, and deliver software artifacts that are accreditable under applicable NIST frameworks for operational technology. This is not a traditional IT security role. ASR builds embedded, safety-critical systems for unmanned platforms. You must understand OT security requirements and apply them appropriately to firmware, autopilot-layer software, and ground control systems — not just enterprise IT frameworks. Unlike almost any other robotics company, ASR’s advanced SITL suite allows developers to work from home. Travel for testing and demonstrations will allow you to witness firsthand your contributions as dozens of drones take flight. Essential Duties and Responsibilities Design and implement CI/CD security gates (SAST, dependency scanning, secrets detection, SBOM generation) across ASR’s version control organization (GitHub, GitLab, or equivalent) Establish structured artifact management with semantic versioning, signed releases, and audit-traceable build provenance; manage release pipelines across incrementally constrained compliance tiers (commercial, CMMC-controlled, SIPRNet-classified) Own CMMC Level 2 compliance posture; develop and maintain SSP, POA&M, and ATO/IATT support documentation for government program deliveries Apply NIST SP 800-82 OT security controls to embedded flight software, GCS services, and swarm communications protocols Implement technical controls for CUI handling, export-controlled repository access, and ITAR/EAR compliance in development workflows Define threat modeling and SSDF (NIST SP 800-218) practices; maintain SBOM generation per EO 14028 and DoD supply chain requirements Ensure source control organization meets required security standards: MFA applied as required, least-privilege access controls maintained, audit logging confirmed, and third-party application permissions managed Support corporate IT integration: align ASR’s development environment with broader CMMC and CUI enclave requirements as the company scales Required Qualifications Must be a US Citizen Active Secret clearance or demonstrated ability and willingness to obtain one 5+ years of DevSecOps, security engineering, or information assurance experience, with at least 2 years in a DoD or defense contractor environment Working knowledge of CMMC 2.0 Level 2 requirements and assessment processes Practical experience with GitHub Actions, GitLab CI, or equivalent CI/CD platforms, including writing custom pipeline configurations for security automation Ability to read and reason about C++ and Python codebases for threat modeling, SAST triage, and vulnerability assessment. Understanding of OT/embedded system security distinctions from enterprise IT; ability to apply NIST 800-82 to firmware and autopilot-layer software Experience with SBOM generation tooling (e.g., Syft, CycloneDX, SPDX) and DoD supply chain security requirements Familiarity with ITAR/EAR technical controls: CUI handling, export-controlled repository access, and developer access management Comfort working independently with limited oversight; ability to remain calm and effective under operational pressure Additional Desired Qualifications BS in Computer Science or related field preferred Experience authoring NIST SP 800-171 SSP and POA&M documentation in a DoD or defense contractor environment Experience managing release pipelines across incrementally constrained compliance environments (e.g., commercial release, CMMC-controlled distribution, SIPRNet-classified behaviors) CMMC Registered Practitioner (RP) or Certified Professional (CP); DoD 8570/8140 compliant certification (CISSP, Security+, or equivalent) Familiarity with RMF and DISA STIG applicability for Linux-based embedded systems Experience with Android application security including APK signing and MDM for government tablet deployments Prior work on UAS, robotics, or autonomous systems; familiarity with PX4/ArduPilot is a differentiator Experience with ATAK/WinTAK plugin security and TAK server CUI handling Active TS/SCI clearance Physical Requirements and Working Conditions Must be able to walk, stand, and navigate large indoor and outdoor facilities for extended periods of time. Ability to lift, carry, and move materials and equipment weighing up to 25 lbs on a regular basis. Use of personal protective equipment (PPE) may be required in designated areas or when performing specific tasks, in accordance with safety protocols and company policy. May be required to climb ladders, stoop, kneel, or crouch during inspections, maintenance walk-throughs, or emergency response situations. Regular exposure to facility operations including noise, dust, temperature fluctuations, and industrial equipment. Occasional off-hours or weekend work required for emergency facility responses or projects as needed Requires frequent use of a computer and other standard office equipment for documentation, communication, and coordination tasks. Background Check This position will require successfully completing a post-offer background check. Qualified candidates with a criminal history will be considered and are not automatically disqualified, consistent with federal and state law. EEO and ITAR/EAR Work Authorization Disclosure Red Cat Holdings provides equal employment opportunities (EEO) to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This position requires direct or indirect access to hardware, software, technology or technical data controlled under the International Traffic in Arms Regulations (ITAR) and the Export Administration Regulations (EAR). Successful candidates for positions subject to ITAR/EAR restrictions must provide proof of U.S. Citizenship or Permanent Residence and must not require sponsorship for export-restricted work authorization. E-Verify The company participates E-Verify ensure eligibility for employment and compliance with Right to Work rules. Compensation: Base pay, plus generous annual equity package and potential bonuses. Qualifications

Account Executive – Physical Security Solutions, Ohio Territory Account Executive- Physical Security Solutions Overview: The Physical Security Solutions Account Executive is responsible for driving new customer acquisition across the State of Ohio. This role will focus on expanding our footprint by building strong relationships, uncovering new opportunities, and delivering modern physical security solutions to organizations across the state. It’s an ideal fit for someone who thrives in territory development, enjoys opening new doors, and excels at consultative selling in markets where trust and execution are key. Account Executive- Physical Security Solutions Responsibilities: • Lead new customer acquisition efforts across Ohio, with a focus on the commercial real estate and multifamily verticals • Build and execute a territory growth plan centered on proactive outreach, discovery, and long-term account development • Own the prospect and customer-facing milestones of the sales lifecycle, from prospecting and discovery to solution positioning, proposal delivery, negotiation, and close • Conduct persuasive product and solution demos, aligning customer needs with cloud, on-prem, or hybrid physical security offerings • Partner closely with Sales Engineering and Technical Account Management to ensure accurate solution design and smooth project transitions • Represent K Group Companies at industry events, networking functions, and regional engagements • Maintain accurate CRM data, pipeline forecasts, and activity reporting • Act as a trusted advisor to prospects, helping them modernize legacy systems and plan long-term technology refresh cycles What Makes This Role Unique: • Ohio is a strategic growth market, you’ll be building on an existing foundation while expanding into new customer relationships • Significant modernization demand, organizations across the state are upgrading video and access infrastructure, creating consistent opportunity • High-visibility, high-impact work, your performance directly influences how we scale and invest in the region • Credible solutions, proven delivery, K Group Companies offers best-in-class cloud-managed, hybrid, and on-prem solutions without forcing a single approach Account Executive- Physical Security Solutions Qualifications: • Experience in B2B sales, ideally in physical security, low voltage integration, IT services or related technical industries • Strong consultative selling skills with the ability to run discovery, establish value, and tailor solutions to customer needs • High comfort level with prospecting and developing new relationships, territory growth requires initiative and discipline • Excellent presentation, communication, and relationship-building skills • High integrity, strong follow-through, and a commitment to solving real problems for customers • Willingness to travel regionally throughout Ohio for meetings, walkthroughs, and relationship development About K Group Companies K Group is a locally owned and operated technology service provider that was established in Grand Rapids, MI in 1980. We proudly serve clients across the United States, while remaining especially focused on our home state of Michigan. Our expertise spans a wide spectrum of technologies and services, ensuring that we deliver exceptional solutions at the highest level of quality. Rooted in principles of excellence and creativity, our culture is dedicated to fostering collaboration, innovation, and inclusivity. Why Work Here? “Great, focused, team environment.” For more than 40 years, K Group Companies has been one of West Michigan’s premier technology providers. From Managed IT services to physical security integration, our team has established itself as a known, trusted advisor to our community. As a local, 3rd generation family-owned business, we pride ourselves in reliable, intentional, and committed relationships with our customers – and each other! Whether we are helping customers secure their environment, beating each other at Mario Kart in our Team Zone arcade, or grabbing lunch at our local BBQ restaurant, we delight in collaboration and making a difference as a team. We truly believe that we are better together! Compensation and Benefits · Competitive base salary based on experience · Bonus and commission programs · Paid Time Off (PTO) · Volunteer Paid Time Off (VTO) · 100% employer paid family health insurance premium · 100% employer paid disability insurance · 100% employer paid dental & vision insurance · 401k with Safe Harbor contributions from company annually · Profit sharing opportunities