• The Cybersecurity Engineer will be responsible for ensuring that all information systems' Ports, Protocols, and Services (PPS) accessible to managed networks are registered in the PPSM central registry. • They must protect and use PPS according to the latest vulnerability assessment reports and implement them as per the current DoD STIGs on network infrastructure and application security. • The engineer will review software, hardware, and PPS against approved lists, perform access blocking as per policies. • They will manage PPSM in support of network changes, such as cloud migrations.

• Own and manage the IT general controls (ITGCs) component of the ICFR compliance program while supporting the build out of the ITGCs & IT Application controls (ITAC) for the SOX program from the ground up, leveraging existing frameworks and controls where applicable • Partner with Finance, IT, and business stakeholders to identify and document key controls over financial reporting, ensuring controls are designed and in place ahead of audit cycles • Ensure ITGCs and ITACs supporting financial systems are properly documented and operating as intended • Serve as the primary point of contact for external auditors, coordinating evidence requests, walkthroughs, and finding remediation • Build and maintain a controls inventory with clear ownership, documentation standards, and readiness status • Work cross-functionally with control owners to ensure gaps are identified early and remediation plans are in place before audit periods • Develop and report on compliance readiness and control health to senior leadership • Drive continuous improvement in the efficiency and effectiveness of the SOX Compliance system (AuditBoard) and related technologies • Maintain current knowledge of emerging risks, industry trends, and regulatory changes relevant to the business and the audit profession • Expand ownership to include SOC 1&2, PCI DSS, and NIST compliance programs, building a unified compliance function • Lead a small team of compliance specialists, providing mentorship, prioritization, and ensuring alignment across the aforementioned compliance initiatives

• Design, build, configure and deploy SailPoint’s IAM and PAM services & solution(s), including identity & accounts management, access management policies & associated controls, identity verification & authentication, secrets management, privileged access management as well as audit & reporting. • Conduct analysis, generate designs & procedures, work closely with stakeholders to define use-cases, keep & maintain inventories, and develop comprehensive documentation & diagrams. • Support IAM infrastructure operations, including troubleshooting user issues, change management, and performing system administration & maintenance. • Monitor and respond to any capacity and/or performance needs, including rotational on-call support for the IAM infrastructure. • Provide regular reports to leadership regarding security, data governance, capacity, performance, usage and licensing. • Lead projects, provide security consultation(s), and develop detailed project plans for various projects & phases (PoC, Pilot, Production rollouts). • Recommend and implement modifications that will enhance system usability & reliability while analyzing all aspects of the existing infrastructure. • Proactively establish and grow a broad collaboration with business analysts, app / system owners, architects and engineers focusing on strategy, proliferation of automation & integrations, as well as defining / building and refining enterprise services & capabilities. • Provide training on changes to system architecture and/or user experience (UX), document support procedures, and analyze user feedback to minimize impacts and maximize value to the business. • Devise, develop and implement SOPs, SLAs and supporting workflows and approval criteria. • Collect, analyze and decipher identity and security metrics & event data in order to provide meaningful recommendations to improve current policy configurations, and improvements to the UX.

• Own the lifecycle of our team members. You’ll manage workflows and integrations to ensure the right people have the right access at the right time. • Act as the primary architect for our macOS fleet using JAMF, ensuring every device is compliant, encrypted, and ready for work with minimal disruptions to the user. • Monitor and improve DLP posture through technical implementation using Crowdstrike, Slack, and Google. • Move beyond manual tickets. You’ll utilize and tune automation tools to streamline onboarding, offboarding, and support questions. • Partner with our DevOps teams to manage security access configurations within AWS, learning to navigate and secure cloud-native environments. • Champion the use of AI tools to enhance Security and IT efficiency, from automated helpdesk responses to identifying anomalous login patterns. • Partner with the HR (People) team to create impactful security trainings and updates to empower all employees to be the first line of defense. • Provide high-touch IT and security support. You’ll be the friendly face of security, helping employees understand why security protocols matter and how to follow them.