• Lead and maintain the organization’s information security governance framework, aligned to ISO/IEC 27001, including policies, standards, and control frameworks. • Provide alignment between cyber security program and ISO 22301. • Drive compliance with DORA, including ICT risk management, incident reporting, resilience testing, and third-party oversight. • Ensure ongoing alignment with Lloyd's of London, FCA and PRA regulatory expectations. • Oversee compliance with NYDFS Cybersecurity Regulation (23 NYCRR 500) where applicable. • Monitor emerging regulatory requirements and translate them into actionable security and resilience initiatives. • Act as a senior point of contact for regulators, auditors, and external assessors. • Provide leadership for enterprise information and cyber security risk management. • Support the definition and maintenance of security risk appetite, tolerances, and risk acceptance processes. • Review and challenge security risk assessments for critical systems, cloud platforms, major change programs, and third-party arrangements. • Oversee security control assurance, testing, and remediation tracking. • Produce clear, risk-focused reporting for executive management, risk committees, and the Board. • Provide oversight of cyber incident management, ensuring compliance with regulatory notification and reporting requirements. • Act as a decision-maker during major incidents, crisis situations, and cyber events. • Ensure regular testing of incident response, crisis management, and business continuity plans. • Oversee third-party and supply-chain security risk management, including due diligence, contractual controls, and ongoing monitoring.

• Ontwerpen en implementeren van Microsoft security-architecturen • Werken met Microsoft Defender, Sentinel en Entra ID • Adviseren over identity, compliance en threat detection • Ondersteunen bij incidenten en security-vraagstukken • Vertalen van risico’s naar concrete maatregelen

• Conduct comprehensive security assessments of mobile applications, IoT hardware/firmware, compiled software, and browser extensions • Perform reverse engineering and vulnerability analysis, and penetration testing to uncover security risks • Analyze binary file formats (PE, ELF, Mach-O) and runtime behaviors for security flaws • Review browser extensions and software plugins for security flaws and compliance with best practices • Perform product data analysis to identify potential vulnerabilities and determine access scope • Collaborate with cross-functional teams (e.g. - engineering, product, and security) to enhance security measures and improve resilience against cyber threats • Develop and recommend mitigation strategies and risk profiles for identified vulnerabilities • Document findings and communicate security recommendations to both technical and non-technical audiences • Maintain organizational product inventory with security assessment status and secure configuration requirements • Responsible for the production and maintenance of security documentation, such as bill of material repositories and analytical procedure guides.

• Drive revenue and increase market share in a defined set of accounts, resulting in the acquisition of new customers. • Develop a territory execution plan to meet or exceed quarterly revenue and new customer targets using a defined target prospect list. • Research & qualify prospects using business development strategies and completing field based sales activities. • Manage numerous accounts concurrently & strategically. • Personally create new leads and relationships with prospects and customers. • Become an expert at articulating OPTIV’s unique value proposition. • Learn OPTIV’s extensive catalog of service offerings and the local practice leaders who can assist assessing customers needs and fitting services to match them. • Build trusted, effective and productive relationships with technical, financial and executive decision makers within assigned accounts. • Create Account Plans for new clients based upon identified business, technology and security goals, coupled with Optiv's understanding of security trends, threats and points of view for each assigned account. • Build a sales pipeline to ideally 3 times assigned targets. • Manage current and multi-quarter forecasts with a high degree of accuracy, currency and integrity. • Execute with discipline and in alignment with Force Management principles including MEDDICC and Command of the Message. • Build strong, collaborative and productive relationships with technology partners and their respective sales personnel. • Facilitate all necessary communications between clients, technology partners and members of the extended Optiv team within each assigned account. • Maintain collaborative and effective internal communications with Optiv team members relative to specific opportunities.