• Active Incident Response: Lead the identification and mitigation of high-impact security events. You will analyze sophisticated traffic patterns and implement precise countermeasures, including rate limiting and custom WAF & Security rules to neutralize threats in real-time. • Managed Security Delivery: Serve as a primary security consultant for MSS Customers. This involves continuous tuning and refining of security policies to optimize detection accuracy and maintaining a hardened security posture tailored to each client's unique environment. • Advanced Threat Hunting: Conduct data-driven investigations using log analysis to uncover potential threats and hardenings opportunities • Security Intelligence & Reporting: Author comprehensive After Action Reports (AARs) and monthly security summaries. You will translate complex telemetry and attack data into high-level actionable insights for customer stakeholders. • Strategic Communication: Act as the Subject Matter Expert (SME) during active security incidents. You will provide clear, calm, and professional guidance via real-time communication channels, ensuring customers are informed and confident in our defensive strategy.

Role Description Selected Candidate works within the Security Operations Center to improve, tune, and enhance security alerts, responses, and remediation of detected issues. The engineer will also work within the Incident Management process to remove threats and vulnerabilities within the organization. This role collaborates with other Information Security and IT Operational teams to maintain a secure environment and incident response capabilities. As part of the Global Security Operations Center team, he/she should be responsible for improving security operations and monitoring security events in EDR, perimeter scanning, threat detection, preventative advanced threat hunting, across all security tools. This job requires flexibility of working in 24/7 rotational shifts which includes night shift and weekends. - Serves as the regional point of contact for security escalations/requests and escalates requests to Security architecture as needed. - Responsible for the identification and assessment of enterprise risks. - Identifies, evaluates, and tests appropriate security products, tools, and systems to ensure alignment with the CushWake global security posture. - Articulates security policies, guidelines, and standards to customers and developers. - Able to apply theories, concepts, principles, and methodologies to difficult but conventional assignments. - Works independently within an established framework. - Develop techniques and procedures for conducting IS and cyber security risk assessments and compliance audits. - Evaluates and tests hardware, firmware, and software for possible impact on system security. - Investigates and resolves security incidents. - Implements IS and cyber security policies and takes measures against intrusion, frauds, attacks, or leaks. - Continues to build knowledge of the organization, processes, and customers. - Performs a range of straightforward assignments using prescribed guidelines or policies to analyze and resolve problems. - Partners with Security Architecture on critical scope delivery. - Reviews security INC(s) to ensure proper processes have been followed and to identify additional IoA(s)/IoC(s). - Performs proactive threat hunting using hypothesis and telemetry from endpoints, identities, cloud, and network to identify malicious activity, abnormal behaviors, and emerging attacker techniques. - Serves as the security stakeholder for IR/MIM activities until Security Architecture and/or senior leadership can engage. Company Description INCO: “Cushman & Wakefield”

• Design, implement, and continuously mature critical security programs, acting as the primary technical owner for Data Loss Prevention (DLP) to safeguard sensitive company data across the environment. • Engineer and optimize our Security Information and Event Management (SIEM) platform. Oversee log ingestion strategies, write complex custom detection rules, and leverage scripting (e.g., Python, PowerShell) to automate alert triage and response workflows. • Lead proactive vulnerability hunting and assessment initiatives. Continuously evaluate infrastructure weaknesses and partner closely with IT and infrastructure teams to drive and track remediation of identified risks. • Act as the primary technical responder and incident commander during security events. Perform deep-dive forensic analysis, coordinate technical investigations, and guide cross-departmental teams through containment, eradication, and post-incident reviews. • Evaluate, deploy, and maintain the operational security tech stack. Ensure tools integrate seamlessly with the existing environment, continuously tuning them to reduce false positives and maximize return on investment. • Serve as a subject matter expert and technical mentor within the broader technology organization, fostering a culture of security awareness and collaborative risk mitigation.

Title: Security Operations Security Director /Cybersecurity Sr. Manager Location: USA TX Austin - 7100 Metropolis Drive, Austin III (TXC138) Job Description: Type of Requisition: Pipeline Clearance Level Must Currently Possess: None Clearance Level Must Be Able to Obtain: None Public Trust/Other Required: Other Job Family: Cyber and IT Risk Management Job Qualifications: Skills: Compliance Frameworks, Cyber Security Governance, Cyber Security Management Certifications: None Experience: 10 + years of related experience US Citizenship Required: No Job Description: The Security Director is the senior leader responsible for the governance, compliance, and overarching security posture of a Managed IT Security Operations contract. This role oversees adherence to regulatory frameworks, contractual requirements, and internal governance standards while ensuring the program’s security operations are executed with audit-readiness, risk awareness, and policy alignment at their core. The Security Director serves as the primary authority for cybersecurity compliance, governance controls, and enterprise-level security oversight. Key Responsibilities: • Lead the development, implementation, and enforcement of the contract’s cybersecurity governance framework, ensuring alignment with NIST, CIS, ISO, and all applicable regulatory requirements. • Oversee all compliance activities, including evidence collection, control validation, audit preparation, and corrective action tracking. • Ensure continuous compliance with federal, state, and industry standards, including data protection, privacy regulations, and customer-specific governance requirements. • Establish and maintain policies, procedures, SOPs, and security documentation that support a consistent and mature governance posture. • Serve as the primary liaison for compliance-related communication with customer stakeholders, auditors, and internal executives. • Lead risk management initiatives, including risk assessments, gap analyses, plan of action and milestones (POA&M) management, and mitigation planning. • Oversee the governance layer of SOC operations, ensuring operational practices meet internal and external compliance obligations. • Direct enterprise reporting activities, including compliance dashboards, governance metrics, and executive summaries reflecting organizational security posture. • Monitor changes in regulatory requirements and ensure the program is proactively positioned to meet evolving compliance expectations. • Collaborate with security engineering, SOC leadership, and program management to ensure all operational decisions integrate governance and risk considerations. • Support security architecture reviews and ensure technology decisions adhere to approved security baselines and compliance frameworks. • Lead or support incident response governance, including breach notification processes, documentation standards, and compliance-related reporting. Required Qualifications: • Bachelor’s degree in Cybersecurity, Information Assurance, Compliance, or related field (or equivalent work experience). • 10+ years of cybersecurity or compliance leadership experience, preferably within MSS/MSP or security operations environments. • Deep knowledge of governance and compliance frameworks (NIST RMF and CSF, ISO 27001, CIS Controls, FedRAMP, PCI-DSS, HIPAA, etc.). • Proven experience preparing for and supporting internal and external audits. • Demonstrated ability to build and manage governance programs in complex, multi‑platform IT environments. • Expertise in risk management, policy development, and compliance reporting. • Relevant certifications such as CISSP, CISM, CISA, CGEIT, CRISC, or similar. Preferred Qualifications: • Experience supporting government contracts or highly regulated industries. • Familiarity with cloud governance programs across AWS, Azure, and GCP. • Experience with Zero Trust governance models. • Additional certifications in audit, governance, or cloud security. Key Competencies: • Compliance and governance leadership • Policy and procedure development • Exceptional documentation and audit readiness • Strategic risk management • Strong communication and stakeholder alignment • Analytical decision-making Additional Information: Location: Austin, TX. expect to be in office 2-5 days a week. Timeline: This is a contingent role, expected to start between December 2026 and March of 2027. GDIT IS YOUR PLACE: - Full-flex work week to own your priorities at work and at home - 401K with company match - Comprehensive health and wellness packages - Internal mobility team dedicated to helping you own your career - Professional growth opportunities including paid education and certifications - Cutting-edge technology you can learn from - Rest and recharge with paid vacation and holidays The likely salary range for this position is $147,292 - $199,278. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range. Scheduled Weekly Hours: 40 Travel Required: Less than 10% Telecommuting Options: Hybrid Work Location: USA TX Austin Additional Work Locations: Total Rewards at GDIT: Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.