Role Description Selected Candidate works within the Security Operations Center to improve, tune, and enhance security alerts, responses, and remediation of detected issues. The engineer will also work within the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and incident response capabilities. As part of the Global Security Operations Center team, he/she should be responsible for improving security operations and monitoring security events in EDR, perimeter scanning, threat detection, preventative advanced threat hunting, across all security tools. This job requires flexibility of working in 24/7 rotational shifts which includes night shift and weekends. - Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed. - Responsible for the identification and assessment of enterprise risks. - Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture. - Articulates security policies, guidelines, and standards to customers and developers. - Able to apply theories, concepts, principles, and methodologies to difficult but conventional assignments. - Works independently within an established framework. - Develop techniques and procedures for conducting IS and cyber security risk assessments and compliance audits. - Evaluates and tests hardware, firmware, and software for possible impact on system security. - Investigates and resolves security incidents. - Implements IS and cyber security policies and takes measures against intrusion, frauds, attacks, or leaks. - Continues to build knowledge of the organization, processes, and customers. - Performs a range of straightforward assignments using prescribed guidelines or policies to analyze and resolve problems. - Partners with Security Architecture on critical scope delivery. - Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s). - Performs proactive threat hunting using hypothesis and telemetry from endpoints, identities, cloud, and network to identify malicious activity, abnormal behaviors, and emerging attacker techniques. - Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage. Company Description INCO: “Cushman & Wakefield”

• Design, implement, and continuously mature critical security programs, acting as the primary technical owner for Data Loss Prevention (DLP) to safeguard sensitive company data across the environment. • Engineer and optimize our Security Information and Event Management (SIEM) platform. Oversee log ingestion strategies, write complex custom detection rules, and leverage scripting (e.g., Python, PowerShell) to automate alert triage and response workflows. • Lead proactive vulnerability hunting and assessment initiatives. Continuously evaluate infrastructure weaknesses and partner closely with IT and infrastructure teams to drive and track remediation of identified risks. • Act as the primary technical responder and incident commander during security events. Perform deep-dive forensic analysis, coordinate technical investigations, and guide cross-departmental teams through containment, eradication, and post-incident reviews. • Evaluate, deploy, and maintain the operational security tech stack. Ensure tools integrate seamlessly with the existing environment, continuously tuning them to reduce false positives and maximize return on investment. • Serve as a subject matter expert and technical mentor within the broader technology organization, fostering a culture of security awareness and collaborative risk mitigation.

Title: Security Operations Security Director /Cybersecurity Sr. Manager Location: USA TX Austin - 7100 Metropolis Drive, Austin III (TXC138) Job Description: Type of Requisition: Pipeline Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: Other Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Compliance Frameworks, Cyber Security Governance, Cyber Security Management Certifications: None Experience: 10 + years of related experience US Citizenship Required: No Job Description: The Security Director is the senior leader responsible for the governance, compliance, and overarching security posture of a Managed IT Security Operations contract. This role oversees adherence to regulatory frameworks, contractual requirements, and internal governance standards while ensuring the program’s security operations are executed with audit-readiness, risk awareness, and policy alignment at their core. The Security Director serves as the primary authority for cybersecurity compliance, governance controls, and enterprise-level security oversight. Key Responsibilities: • Lead the development, implementation, and enforcement of the contract’s cybersecurity governance framework, ensuring alignment with NIST, CIS, ISO, and all applicable regulatory requirements. • Oversee all compliance activities, including evidence collection, control validation, audit preparation, and corrective action tracking. • Ensure continuous compliance with federal, state, and industry standards, including data protection, privacy regulations, and customer-specific governance requirements. • Establish and maintain policies, procedures, SOPs, and security documentation that support a consistent and mature governance posture. • Serve as the primary liaison for compliance-related communication with customer stakeholders, auditors, and internal executives. • Lead risk management initiatives, including risk assessments, gap analyses, plan of action and milestones (POA&M) management, and mitigation planning. • Oversee the governance layer of SOC operations, ensuring operational practices meet internal and external compliance obligations. • Direct enterprise reporting activities, including compliance dashboards, governance metrics, and executive summaries reflecting organizational security posture. • Monitor changes in regulatory requirements and ensure the program is proactively positioned to meet evolving compliance expectations. • Collaborate with security engineering, SOC leadership, and program management to ensure all operational decisions integrate governance and risk considerations. • Support security architecture reviews and ensure technology decisions adhere to approved security baselines and compliance frameworks. • Lead or support incident response governance, including breach notification processes, documentation standards, and compliance-related reporting. Required Qualifications: • Bachelor’s degree in Cybersecurity, Information Assurance, Compliance, or related field (or equivalent work experience). • 10+ years of cybersecurity or compliance leadership experience, preferably within MSS/MSP or security operations environments. • Deep knowledge of governance and compliance frameworks (NIST RMF and CSF, ISO 27001, CIS Controls, FedRAMP, PCI-DSS, HIPAA, etc.). • Proven experience preparing for and supporting internal and external audits. • Demonstrated ability to build and manage governance programs in complex, multi‑platform IT environments. • Expertise in risk management, policy development, and compliance reporting. • Relevant certifications such as CISSP, CISM, CISA, CGEIT, CRISC, or similar. Preferred Qualifications: • Experience supporting government contracts or highly regulated industries. • Familiarity with cloud governance programs across AWS, Azure, and GCP. • Experience with Zero Trust governance models. • Additional certifications in audit, governance, or cloud security. Key Competencies: • Compliance and governance leadership • Policy and procedure development • Exceptional documentation and audit readiness • Strategic risk management • Strong communication and stakeholder alignment • Analytical decision-making Additional Information: Location: Austin, TX. expect to be in office 2-5 days a week. Timeline: This is a contingent role, expected to start between December 2026 and March of 2027. GDIT IS YOUR PLACE: - Full-flex work week to own your priorities at work and at home - 401K with company match - Comprehensive health and wellness packages - Internal mobility team dedicated to helping you own your career - Professional growth opportunities including paid education and certifications - Cutting-edge technology you can learn from - Rest and recharge with paid vacation and holidays The likely salary range for this position is $147,292 - $199,278. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Hybrid Work Location: USA TX Austin Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

• Actively monitor and respond to security alerts from tools such as SIEM, EDR, CNAP, etc. • Analyze security alerts and document tuning opportunities to reduce false positives. • Support change management responsibilities to reduce security risk/impact to corporate systems and networks. • Contribute to security tooling policies and supporting process enhancement as needed to mature defense controls and facilitate exceptions for BAU operations. • Initiate and coordinate incident response activities. Maintain documentation and reports for compliance purposes. • Configure and run network and endpoint vulnerability scans. Closely collaborate with technical teams to mitigate risks through patching and configuration changes. • Assess and evaluate the suitability of existing and new security tools to bolster the organization’s security posture