• Coordinate and manage responses to customer enquiries, including contributing to Request for Proposals (RFP), responding to customer security enquiries, diligence assessments, customer audits, etc. • Perform technical assessments and documentation around key controls and security processes, including working knowledge of key controls across a number of industry best practices • Liaise with customers, articulating control implementation, and describing considerations for applying security and compliance concepts to a technical environment. Simplify security compliance requirements into clear technical control specifications and policies. • Field and address requests for team support in collaboration with internal and external stakeholders. • Communicate effectively and regularly with internal teams and customers • Continuously build and refine knowledge base information, whitepapers, frequently asked questions, control narratives, etc. and contribute to ongoing development and improvement. • Understand the impact of security in our go-to-market pipeline, report on trends and help us improve how we invest in security. • Stay apprised on industry standards and regulations for security and compliance

• Information Security Operations Engineer is a member of the Gen Re Security team, who will leverage extensive experience in security operations to oversee and enhance proactive defenses and response capabilities. • The candidate shall work closely with Security and other IT practice leads to ensure that detection logic, incident response workflows, data quality, automation, and team collaboration are continuously improved and effectively managed. • The role entails strategic planning, research, testing, and implementation of new solutions, as well as the operation and maintenance of current solutions. • Refine detection logic and improve alert fidelity across platforms such as CrowdStrike, Taegis, and Varonis. • Enhance incident response workflows and update runbooks to reflect current tooling and evolving threat scenarios. • Perform gap analysis and coverage mapping to ensure security data quality, log integrity, and timestamp accuracy. • Implement security automation and orchestration to reduce manual effort and improve operational efficiency. • Conduct reviews of alerts and enforce effective timely incident investigation.

• Oversee and coordinate day-to-day responsibilities including employee/consultant onboarding and off-boarding. • Fulfill access requests and handle audit/compliance requests. • Troubleshoot access-related incidents and provide exceptional customer service to end users and role owners. • Play a key role in all security access management related projects. • Partner and mentor effectively with other teams on an ongoing basis.

• Lead and manage data incident response investigations and reporting under legal privilege, ensuring compliance with applicable regulatory requirements • Oversee and maintain the Privacy and Cyber SharePoint site, risk metrics, and control tower to ensure proper documentation and tracking • Collaborate with cybersecurity subject matter expert (SME) on NIST 800-171, and Cybersecurity Maturity Model Certification 2.0 (CMMC) to support cyber legal counsel • Review purchase orders and subcontract terms and conditions to ensure compliance with company policies, procedures, internal guidance, and legal requirements, including the FAR and DFARS • Collaborate with Supply Chain personnel, and members of LCC and Program Counsel to conduct contract reviews, with a focus on privacy and cybersecurity contract terms • Conduct privacy impact assessments and regular compliance-related risk assessments and develop and implement action plans • Brief on areas of concern to all levels of the business including at times senior leadership