• Design, implement, and maintain secure cloud infrastructure and configurations across AWS and GCP, aligned with HIPAA, GDPR, and internal security standards. • Own and continuously improve Sword’s cloud security posture, leveraging CSPM, CWPP, and CNAPP capabilities to proactively identify and mitigate risks across cloud infrastructure, workloads, and identities. • Act as a subject matter expert in Identity and Access Management (IAM), including RBAC design, least-privilege models, service accounts, workload identities, role lifecycle management, and access reviews across cloud environments. • Monitor cloud environments for security threats, vulnerabilities, and misconfigurations, ensuring timely and effective detection and response. • Lead and support incident response activities, including log analysis, forensic support, root cause analysis (RCA), post-incident reviews, and long-term remediation planning. • Evaluate, design, and ensure the availability and quality of logging, monitoring, and traceability data sources required for effective security operations and investigations. • Provide guidance on compensatory and mitigative controls, applying risk-based decision-making when ideal controls are not immediately feasible. • Own the end-to-end vulnerability management lifecycle, applying risk-based judgment beyond CVE severity by considering exploitability, asset criticality, exposure, business context, and operational trade-offs, while clearly communicating prioritization decisions, managing remediation timelines, and driving vulnerabilities to closure in close collaboration with engineering teams. • Lead and operate key cloud security platforms and services, including Wiz, Google Security Command Center, and related detection and posture management tooling. • Partner with Infrastructure and Engineering teams to build security automation, infrastructure-as-code controls, and scalable security guardrails using scripting and automation (Python, n8n, Bash, etc.), including Terraform-based controls, Kubernetes security configurations, and CLI-driven workflows to enforce secure-by-default cloud and platform environments. • Define, track, and report security metrics and KPIs, such as cloud posture maturity, vulnerability remediation SLAs, detection coverage, IAM hygiene, and incident response effectiveness, enabling data-driven security decisions. • Develop, document, and evangelize cloud security standards, patterns, and best practices, driving consistent adoption across teams. • Operate with an engineering-first, efficiency-oriented mindset, continuously seeking ways to reduce toil, automate controls, and scale security without unnecessary friction.

• Act as a lead consultant on multiple client engagements with limited direction • Understand client business requirements and provide guidance throughout design, configuration and prototype, and assist clients with testing and move to Production efforts • Support clients during Annual Events such as: Annual Talent/Performance, Merit, Open Enrollment, ACA, etc. as needed • Partner with Engagement Managers to keep them informed of project status, changes, etc. • Collaborate with cross-functional counterparts to ensure clear lines of communication and project alignment • Accurately maintain forecast in a timely manner • Partner with the Sales team and serve as a Subject Matter Expert while assisting with sales presentations, demos, and LOEs • Stay up to date on industry knowledge, Workday enhancements, and be able to advise on Workday best practices • Build strong relationships with clients, gained through trust and exceptional customer service

• Developing and enhancing tools using Python and Linux to improve identity visibility, connectivity, and security • Using Python, REST API, GraphQL, Pandas, and data analysis techniques to process logs, identity events, and access data • Building dashboards, reports, and metrics to help measure and improve identity security posture • Supporting initiatives around SSO, MFA and NHI posture management • Learning how to automate identity and security workflows to improve infrastructure protection • Gaining hands-on experience with Linux administration, secure system configurations, and identity security best practices

• The Principal Cybersecurity Architect is responsible for driving enterprise-wide technology security strategy and providing technical expertise to business areas and project teams with an emphasis on implementation of innovative, leading-edge security technology solutions. • Proven Track Record of accomplishments and experience leading the design and deployment of AI Architectures (both On-Premise and Public Cloud) and driving and deploying Secure Cloud Adoption on an enterprise scale from Foundational Security Controls to Cloud migrations. • Extensive experience migrating from a large scale onprem datacenter to the cloud while maintaining the proper levels of security, compliance and regulatory adherence. • Cross-Functional Communication: Bridging gaps between data scientists, engineers, AI Architects, Cloud Architects, Data Protection professionals, legal, and executive teams. • Security Evangelism: Promoting secure-by-design principles across AI and Cloud initiatives. • Mentorship & Governance: Leading security teams and establishing governance frameworks for AI and Public Cloud adoption. • AI-Specific Security Expertise: Understanding of AI/ML Risks, Model Connectivity & Secure Deployment, AI Lifecycle Security. • Enterprise Security Architecture: Zero Trust & Identity Management, Cloud & Hybrid Security, Security Design Patterns. • Technical Depth in AI & Cloud Infrastructure: API & Data Security, AI System Integration, Public Cloud Integration, Model Usage Procedures. • Regulatory & Compliance Knowledge: Healthcare Regulations, Audit & Risk Management.