Protect identities, stop threats, and deliver dynamic access to empower and secure a work-from-anywhere world.
Staff Security Researcher
Location
Canada
Posted
18 days ago
Salary
0
Seniority
Lead
Job Description
Staff Security Researcher
BeyondTrust
- Conduct original security research to identify emerging identity attack vectors and develop novel detection methodologies
- Design and implement advanced analytics including rule-based systems, behavioral analysis, and machine learning models for threat detection
- Expand and optimize our large-scale entitlement graph systems that map privilege escalation paths across customer environments
- Develop proactive recommendation engines that identify security misconfigurations before they become attack vectors
- Utilize graph theory to build entitlement paths from new areas of research across multiple domains
- Integrate AI usage into engineering workflows to optimize efficiency
- Design custom data representations (graphs, time-series, etc.) to support advanced analytical capabilities
- Establish engineering best practices including comprehensive unit testing, automation, and CI/CD pipelines
- Explore large-scale customer datasets using Spark and Databricks to validate detection hypotheses and uncover new threat patterns
- Continuously monitor and tune detection algorithms based on real-world telemetry and performance metrics
- Collaborate with data science teams to integrate machine learning models into production detection systems
- Optimize system performance to handle massive data volumes efficiently
- Provide technical leadership and mentorship to product and engineering teams
- Present research findings at industry conferences and security forums
- Publish technical blogs and research papers to establish thought leadership
- Collaborate with cross-functional teams to translate research insights into product roadmap priorities
Job Requirements
- Strong engineering background with proven experience developing and maintaining production security systems
- Experience working with SIEM tools, log analysis platforms, or similar security data systems
- Knowledge of adversarial tactics, techniques, and procedures (TTPs) and corresponding defensive strategies
- Background in security research with a focus on cloud, identity/IAM, or AI.
- Experience in engineering event detection and response systems with focus on tuning and optimization
- Big data processing experience with Apache Spark, Databricks, or similar distributed computing platforms
- Background in security research with published findings or conference presentations
- Knowledge of cloud security, containerization, and modern infrastructure technologies
- Experience with graph databases and network analysis techniques
- Familiarity with machine learning applications and AI in cybersecurity
- Track record of speaking at technical conferences or contributing to security research publications
- Active Directory or low-level Windows knowledge.
Benefits
- Diversity. Inclusion. They’re more than just words for us. They are the guiding values of how we build our teams, cultivate leaders, and create a culture where people feel connected.
- We take care of our employees so they can take care of our customers. Customers who come from all walks of life just like us. We hire incredible people from diverse backgrounds because when we are different together, we are stronger together.
- This position offers a rare opportunity to work at the cutting edge of identity security research while building systems that protect organizations worldwide. You'll have the freedom to pursue novel research directions, the resources to implement your ideas at scale, and the platform to share your expertise with the broader security community. We're looking for someone who thrives on solving hard problems, values engineering excellence, and wants to make a meaningful impact on the future of cybersecurity.
More Security Engineer Jobs
PNT Principal Investigator
Arcfield
This is the projected compensation range for this position: Min: $152,483.71 Max: $265,139.59
We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.
Role Description
This position is for Strategic Technology Consulting (STC), an Arcfield Company. STC is seeking a seasoned Tech Lead and Principal Investigator (PI) to lead the design, integration, and testing of innovative Alternative Assured Position, Navigation, and Timing (A2PNT) solutions. This role requires driving technical efforts, managing program milestones, and producing mission-ready capabilities that enable resilient PNT across diverse platforms, from maritime vessels to ground-based systems.
- Program Leadership: Lead program planning, design reviews, and technical oversight of A2PNT solutions, ensuring alignment with operational needs and milestones.
- Design and Integration: Lead efforts to architect, prototype, and implement A2PNT solutions emphasizing data fusion, decision logic pipelines, AI, and MOSA integration.
- Testing and Validation: Oversee system integration, testing, and performance analysis, delivering prototypes and findings that inform operational decision-making.
- Collaboration: Work closely with government stakeholders, mission engineers, and subcontractors to ensure seamless integration and technical excellence.
Qualifications
- BS 8-10, MS 6-8, PhD 3-5 (Bachelor’s degree in Systems Engineering, Aerospace Engineering, Electrical Engineering, or a related technical discipline)
- Experience leading R&D programs as a PI, Project Manager, or Program Manager, demonstrating the ability to drive technical vision and execution.
- Familiarity with embedded systems, including expertise in VPX, VITA90/VNX+ standards, product line engineering, and sensor fusion.
- Knowledgeable about NAVWAR challenges and solutions. Familiarity with USMC mission sets.
- 5+ years of relevant systems engineering experience, with demonstrated PNT integration exposure.
- Proven track record in conducting lab and field demonstrations of complex HW/SW systems.
- Experience integrating PNT technologies across diverse platforms (ground, air, maritime, space, or joint systems).
- Demonstrated expertise in managing government relationships, with experience transitioning programs from the R&D phase to full production and scaling operational capabilities.
- Strong analytical, problem-solving, and cross-functional communication skills.
- Must be able to obtain and maintain a U.S. DoD Secret Security Clearance.
- Ability to travel up to 25%.
Requirements
- Equal Pay Act: This is the projected compensation range for this position. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories.
- Min: $105,199.68
- Max: $206,990.49
Benefits
- Health Insurance
- Life Insurance
- Paid Time Off
- Holiday Pay
- Short Term and Long-Term Disability
- Retirement and Savings
- Learning and Development opportunities
- Wellness programs
- Other optional benefit elections
EEO Statement
We are an equal opportunity employer and federal government contractor. We do not discriminate against any employee or applicant for employment as protected by law.
Product Marketing Manager, Security Products
ConnectWise
A platform of software & services built for TSPs. Follow us for product updates, company news, business advice and more.
- Sets an example for other GTM function members in all phases of planning and execution
- Is a subject matter expert on security products to other GTM function members
- Ensures policies, practices, and procedures are understood and followed by team members, partners, customers, and stakeholders
- Develops unified product positioning and messaging that differentiates our products in the market
- Develops and communicates ideal customer profiles and value propositions of our products as well as the tools that support the selling process
- Oversees security product launches and releases while coordinating the cross-functional execution
- Monitors internal processes for efficiency and validity pre- and post-product launch
- Serves as a resource for customer-facing release webinars, analyst research and briefings, and other market-centric engagements
- Understands the market landscape and works with the competitive intelligence team to drive actionable insights about opportunities and threats in the market
- Assists with communications, marketing campaigns and sales programs to drive demand for products
- Develops and manages the positioning and messaging for product expansion strategies
- Engages in continuous improvement of team processes
Infrastructure Security Engineer
Quidax
Process large volumes of crypto, build crypto products with our API & get your token listed on Africa's leading exchange
- Security Solutions Configuration, Review & Optimization
  - Within 30 days, the Infrastructure Security Engineer should be able to carry out configuration of various security solutions including network firewalls, Endpoint Detection & Response Solutions, Web Application Firewalls, Cloud Native Application Protection Platforms, Security Incident and Event Management, Security Orchestration Automation and Response Solutions, Identity Provider Solutions and Threat Management Solutions among others
  - Within 90 days, the Infrastructure Security Engineer should be able to carry out reviews & optimizations on various security solutions in compliance with the established policies
  - Within 180 days, the Infrastructure Security Engineer should review current security baselines & ensure alignment of all security and technology solutions with the security baselines across all environments (cloud, endpoints, network)
- Audits & Compliance Reviews
  - Within 90 days, the Infrastructure Security Engineer should have adequate understanding of our existing infrastructure security systems and technical controls (how they work, effectiveness & gaps if any) to be able to provide insights during audits & compliance reviews
  - Within 180 days, the Infrastructure Security Engineer should be able to assume roles within our Information Systems Management framework
  - Within 180 days, the Infrastructure Security Engineer should be able to work with Governance Risk & Compliance to close audit findings quickly and effectively
- Access Control Management & Optimization
  - Within 30 days, the Infrastructure Security Engineer should have an understanding of our Access Control Policies, Processes & Technologies
  - Within 30 days, the Infrastructure Security Engineer should be able to take ownership of Access provisioning, decommissioning & access management optimization
  - Within 90 days, the Infrastructure Security Engineer should have conducted a review of the current access management system, identified gaps and proposed recommendations
- Vulnerability Management
  - Within 60 days, establish a consistent vulnerability management process across infrastructure and endpoints
  - Within 90 days, ensure all critical & high vulnerabilities have clearly defined remediation SLAs
  - Within 180 days, reduce monthly recurring unremediated vulnerabilities by 40%
  - Provide clear, actionable vulnerability remediation guidance to Engineering and DevOps teams.
- Security Monitoring, Detection & Response
  - Within 30 days, review and be conversant with existing SIEM architecture
  - Within 90 days, identify and document all areas of improvement in our security event monitoring
  - Within 180 days, start implementing all areas of improvement to log aggregation, security event analysis and alerting
  - Within 90 days, identify new playbooks for automated incident response in the SOAR and document the recommendations
  - Within 12 months, implement the playbooks for automated incident response recommendations in the SOAR
  - Continuously improve detection coverage and incident response automation and orchestration across cloud, endpoints, and network layers
- Secure Cloud & Network
  - Within 30 days, review and understand services & configurations across multi-cloud platforms
  - Within 60 days, be able to administer security policies & security services across multi-cloud platforms
  - Within 60 days, partner with relevant Engineering teams to ensure security is embedded in infrastructure design and configuration from day one
- Security Operations & Automation
  - Within 30 days, review existing automations, test them out and identify areas for optimization/improvement
  - Within 180 days, automate at least 30% of repetitive security operations tasks
  - Continuously evaluate and implement new tools that improve detection, prevention, or efficiency
  - Continuously improve security policies and enforcement mechanisms
- Cross-Functional Security Enablement
  - Work closely with Engineering, DevOps, and Product teams to embed security into workflows
  - Provide hands-on guidance during system design, deployments, and incident response
  - Promote strong security practices across the company — not just enforce them
- Plan and execute penetration tests on web applications, mobile (iOS/Android), APIs, cloud infrastructure and internal networks, following PTES, OWASP WSTG, OWASP MASTG, OWASP API Security Top 10, OWASP ASVS and NIST.
- Maintain versioned, reproducible and auditable checklists per target type, covering IAM, role-based authorization, idempotency, rate limiting, error handling and information exposure.
- Perform application security code reviews on backend codebases: input validation, authorization errors (BOLA/IDOR), financial logic errors (decimal precision, rounding, conversions), concurrency, idempotency, webhook signatures and secrets handling.
- Operate and tune the AppSec toolchain integrated into the SDLC: SAST, DAST, SCA, secret scanning and IaC scanning.
- Design and maintain a threat modeling program (STRIDE / PASTA / LINDDUN) for critical product features.
- Audit OAuth 2.0 / OIDC / JWT implementations for algorithm confusion, replay attacks, refresh token rotation, PKCE and claim validation (iss/aud/exp).
- Perform in-depth API security testing: BOLA/BFLA, mass assignment, rate limiting, idempotency, race conditions and signed webhooks.
- Secure partner integrations: CSP, frame-ancestors, postMessage, CORS, SameSite and sandboxing.
- Hunt for business logic vulnerabilities with direct economic impact: double spending, transaction replay, race conditions, negative amounts, overflow/underflow, limit bypass, rounding manipulation and idempotency key reuse.
- Build AI-assisted workflows for recon, triage, PoC generation, code review and targeted fuzzing.
- Apply the OWASP Top 10 for LLM and MITRE ATLAS when evaluating product features that use generative AI.
- Write executive and technical reports with CVSS v4 severity, business impact, reproducible PoCs and actionable remediations.
- Track findings to closure with severity-based SLAs.
- Generate auditable evidence for ISO 27001, BCRA and partner due diligence processes.
- Present findings to engineering teams, the CTO, the CISO and the risk committee.
- Embed with squads as a security partner: design reviews, pair reviews and mentoring on secure coding.
- Design purple team exercises with SecOps, run internal CTFs and bug bashes, and maintain a bug bounty program.



