• Identify business-critical risks present within Instacart’s product and infrastructure. • Analyze the risks and define remediation strategies with actionable roadmaps. • Develop scalable systems to enable and encourage secure engineering patterns. • Own and drive systemic improvements across engineering and other functions. • Coach and mentor other engineers within the organization.

Role Description DAS Health is seeking a Cybersecurity Operations Manager to lead and support our cybersecurity team, overseeing day-to-day operations, client service delivery, and compliance initiatives. This fully remote role blends leadership with hands-on technical expertise, ensuring strong security controls, proactive threat management, and adherence to regulatory requirements across both internal and client environments. Key Responsibilities - Leadership and Team Oversight: - Lead, mentor, and support the cybersecurity team’s daily operations - Provide escalation support and guidance across security incidents and initiatives - Establish and track KPIs to measure performance, efficiency, and service delivery - Collaborate with IT, Cloud Services, and Compliance teams to align security practices - Client-Facing Cybersecurity Services: - Oversee delivery of managed cybersecurity services across client environments - Ensure timely response to alerts, incidents, and escalations - Conduct risk assessments, security reviews, and compliance evaluations (HIPAA, SOC 2, HITRUST) - Support onboarding of new clients into cybersecurity services - Deliver both technical and executive-level reporting on security posture - Hands-On Technical Execution: - Participate in incident detection, investigation, and remediation - Perform vulnerability assessments, log analysis, and forensic investigations - Support and optimize SIEM, EDR, and related tools - Assist with securing Microsoft 365, Azure, and cloud-based environments - Governance, Risk, and Compliance: - Maintain compliance with healthcare security frameworks including HIPAA, HITRUST, NIST CSF, and SOC 2 - Develop and maintain policies, procedures, and security documentation - Support internal and external audits and remediation efforts - Process Improvement and Optimization: - Evaluate and improve existing security workflows and processes - Identify automation opportunities to increase efficiency - Develop dashboards and reporting metrics for performance tracking - Training and Awareness: - Mentor and develop cybersecurity team members - Support internal and client-facing security awareness initiatives - Lead tabletop exercises and post-incident reviews Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field - 5–8+ years of cybersecurity operations experience - 2–3+ years of leadership experience within cybersecurity operations - Strong experience with SIEM, EDR, DLP, and vulnerability management tools - Experience securing Microsoft 365, Azure, and cloud environments - Knowledge of healthcare security frameworks (HIPAA, HITECH, HITRUST, NIST, SOC 2) - Hands-on experience with incident response and forensic analysis - Experience working with MSSPs and third-party vendors - Scripting or automation experience (PowerShell, Python) is a plus Preferred Certifications - CISSP - CISM - HCISPP - GCIH - CEH - or equivalent Benefits - Fully remote work environment with a collaborative, team-driven culture - Opportunity to lead and shape cybersecurity operations in a growing healthcare IT organization - Exposure to diverse client environments and leading security technologies - Career growth and leadership development opportunities

• Manage and administer corporate endpoint security solutions, ensuring that tools are deployed, configured, monitored, and operating effectively. • Administer and enhance endpoint security policies, rules, and standards across global environments. • Support and troubleshoot endpoint agent installations and failures, including escalation to vendors when necessary. • Provide escalation support to junior administrators and operational teams. • Work closely with SOC, Vulnerability Management, Infrastructure, and Desktop Support teams to manage incidents and drive remediation. • Support the investigation and resolution of endpoint security incidents, including DLP, malware, and policy violations. • Collaborate with the SIEM team to ensure that alerts, vulnerabilities, and endpoint-related trends are properly analyzed. • Diagnose and resolve complex issues on endpoints, servers, software, and communication devices. • Ensure that identified issues, risks, and non-conformities are reported, tracked, and remediated effectively. • Develop and deliver weekly, monthly, quarterly, and annual security reports. • Support audits, penetration testing, and remediation follow-up. • Maintain clear and accurate documentation for tools, automation, and processes. • Collaborate with vendors, internal stakeholders, and end users to gather requirements and improve solutions.

• Implement “Security by Design” within agile software development and cloud-native environments • Act as a Subject Matter Experts (SMEs), mentoring, coaching, and supporting all security engineering efforts across the organization • Define, organize, and implement application security policy, process, standards, and guidelines • Helping engineering teams design and build high-performing, secure applications by mitigating security issues in a risk-based manner • Define, document, and champion processes and practices for a secure Software Development Life Cycle (SDLC) • Be a driving force in establishing a strong security culture within platform engineering teams • Lead Threat Modeling as a core principle for the Secure by Design strategy • Conduct Secure Code and Architecture Design Reviews, including threat modeling and technology/risk-based assessments • Automate application security testing and controls, integrating them directly into the CI/CD pipelines • Responsible for the deployment, operation, and tuning of security tools (SAST, DAST, IAST, and CSPM) • Partner with engineering to effectively prioritize and remediate identified vulnerabilities • Manage tools for Software Composition Analysis (SCA) to ensure supply chain security