• Play a key role in looking after the vulnerability management process at Glia • Collaborate with other teams on the implementation of new security policies and procedures • Manage, test and categorize incoming information on security incidents (internal, reported, or industry-wide) • Perform regular vulnerability scans and security control reviews to ensure a continuously strong security posture • Participate in security reviews and risk assessments of AI tools used across the company • Assist Compliance in ongoing compliance activities and monitoring efforts across different regulations (GDPR, SOC 2, HIPAA, PCI-DSS, CCPA, etc.)

• Monitor and analyze security alerts and events from various security tools and systems. • Coordinate over multiple mediums with users and administrators of various roles and backgrounds during incident investigations and response. • Collect and analyze raw events and alerts. • Construct timelines surrounding activity that is adversarial or otherwise related to the investigation at hand. • Provide feedback on alerts received and events reviewed to the betterment of detection capabilities. • Escalate tickets, when necessary, based on established processes. • Classify and prioritize incidents based on established criteria. • Consistently provide professional-quality customer service. • Thoroughly and accurately document work details within the ticketing system. • Maintain familiarity with products in use and the ability to quickly familiarize with related technologies. • Stay informed of breaking news and industry best practices from multiple reliable sources and share findings. • Attend and contribute to regular team meetings.

• Assist the Facility Security Officer (FSO) with administration and implementation of the 32 CFR Part 117, National Industrial Security Program Operating Manual (NISPOM) Rule for SGS subsidiary companies. • Update DCSA systems, Personnel Security, Foreign Travel briefings, and other program briefings. • Process Visit Requests as necessary and monitor expiration dates for expirations and extended visits. • Coordinate Insider Threat Program activities and ensure program requirements are met for the Insider Threat Working Group. • Coordinate in-processing activities for staff members with government customers, processing requests for Common Access Cards (CAC), other badges and ensuring visitor records remain current. • Assist the FSO with facility clearance sponsorship actions and DD 254 creation and tracking needed. • Assist with self-inspections alongside FSO and prepare for Security Vulnerability Assessments (SVAs) to ensure the facility is prepared for assessments. • Assist with self-inspection final reports and submit to company leadership and DCSA as required. • Coordinate and assist with the security training and awareness program and ensure initial, refresher, and debriefings are conducted as required. • Distribute security awareness information. • Establish and maintain successful working relationships with DCSA, government customers, subcontractors, and internal customers. • Assist with hiring actions relative to security clearance screenings and onboarding actions. • Assist with managing security violations, reporting and tracking disciplinary actions, and respond to general security questions. • Track and maintain access briefings necessary per individual DD 254 contract requirements. • Review accuracy of DD 254s upon receipt for government and prime contractors to ensure security requirements are followed as required. • Monitor and ensure NISS is updated and accurate for the company’s facility clearance. The Security Administrator may be required to perform other duties to meet the ongoing needs of the organization.

• Write and optimise Rust code to build security-critical components and tools • Perform deep manual and automated code reviews to identify and mitigate security vulnerabilities • Design and implement machine learning models for automated security analysis, anomaly detection, and threat mitigation • Manage bug bounty submissions, triage security reports, and collaborate with ethical hackers to resolve issues • Work with engineering teams to integrate security best practices into the software development lifecycle • Identify and assess security risks in our blockchain infrastructure, smart contracts, and core software • Research and implement the latest advancements in secure coding, ML-driven security, and blockchain security