• Serve, prospect for, solicit, and develop business relationships with members and clients • Sell life and health insurance products and services through multiple distribution channels • Analyze member/client needs and recommend personalized solutions • Balance sales objectives, risk management, profitability, and member/client satisfaction • Advise and assist current and potential members and clients

• Conduct scans (agent/network), analyze results (CVEs, CVSS), identify systemic issues, and perform risk assessments for complex environments (cloud, mobile, DB, OS) • Define VM policies, improve posture, guide remediation, lead risk reduction initiatives, and serve as the subject matter expert for complex security vulnerability challenges • Develops reports, dashboards, and alerts to automate tasks (Python, PowerShell), and track metrics. • Monitor threat landscape, analyze new vulnerabilities (NVD, MITRE), and provide proactive guidance. • Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools. • Provides complex engineering analysis and support for firewalls, routers, networks and operating systems. • Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment. • Reacts to and initiates corrective action regarding security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting security. • Oversees user access process to ensure operational integrity of the system.

• You'll be the technical voice of product security across Aalyria, reporting to the Director of Security & IT. • You'll own application security, CI/CD and supply-chain security, our Kubernetes-based product infrastructure, product-side authentication and PKI. • You'll partner closely with hardware engineering on Tightbeam. • Application & software security. SAST/DAST/SCA, secure SDLC, threat modeling, and software vulnerability management across our codebase. • CI/CD and supply-chain security. Hardening our GitLab pipelines, build provenance, dependency integrity, signing, and SLSA-aligned controls. • Product infrastructure security. GKE and Kubernetes hardening, container security, workload identity, network policy, and runtime protection. • Product PKI. Certificate lifecycle, issuance, rotation, and mTLS architecture across distributed services and remote assets. • Vulnerability management. Triage, prioritization, remediation tracking, and exception handling, for both disclosed upstream issues and internal findings. • Product incident response. Leading triage and response for product-side security incidents, coordinating with corporate IR, and driving post-mortems to action. • Product infra hardening. Baseline configurations, secure defaults, and compensating controls across product environments. • Hardware security partnership. Working with the Tightbeam team on firmware security, secure boot, key storage, and hardware supply-chain integrity.

• Codify and execute the security roadmap for the organization, prioritizing the further hardening of critical systems (payment infrastructure, donor data stores, authentication flows, API integrations) and ensuring compliance with applicable laws (e.g., data privacy and security). • Partner directly with PDE leadership to embed security controls into the development lifecycle: threat modeling, secure code review, vulnerability management, and CI/CD pipeline security tooling (SAST, DAST, SCA) • Own the security incident response plan end-to-end: detection, containment, investigation, notification, remediation, and post-incident review • Work with IT to drive identity and access management improvements, including role-based access controls, MFA enforcement, endpoint security, and session management • Develop a deep understanding of fraud vectors in the fundraising and payments space—stolen cards, synthetic identities, friendly fraud, campaign abuse—and help us build systems that adapt as threats evolve. • Manage vendor security risk assessments for third-party tools, integrations, and sub-processors, with continuous monitoring rather than annual check-ins • Own the penetration testing program: vendor relationships, testing cadence, findings translation into engineering tickets, and remediation tracking to closure • Develop and deliver security awareness training for all employees, with targeted modules for PDE, CX, and leadership audiences • Lead SOC 2 Type II certification end-to-end: gap analysis, control design, evidence collection, remediation tracking, auditor coordination, and ongoing maintenance • Build the roadmap toward ISO 27001 certification as the security program matures • Serve as primary owner of our GRC platform (Vanta): driving task completion, monitoring compliance gaps, triaging findings, and ensuring remediation owners are accountable • Manage all external auditor and certification body relationships • Build and maintain evidence repositories that support continuous (not just point-in-time) compliance • Prepare board-ready compliance status reports and risk summaries quarterly • With the General Counsel’s guidance, own all required licenses, registrations, and regulatory filings across US jurisdictions, including state charitable fundraising platform registrations and other licenses • Manage the Trust Center: content accuracy, access approvals, and customer-facing compliance documentation