• Manage, assess, and mentor the SecOps staff in monitoring, response, and continuous improvement. • Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing a realistic overview of risks and threats in the enterprise environment. • Ensure systems' security by monitoring reports and evaluating threats. • Perform and manage the implementation of counter-measures or mitigating controls. • Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices, research, malicious code reverse engineering, penetration testing, and threat intelligence. • Assist in performance and coordination of Security Incident Response activities. • Monitor and analyze logs from various systems, ensuring audit trails, system logs and other monitoring data is reviewed and actionable. • Perform all assigned duties in compliance with internal policies and standards and external regulations. • Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, external web integrity, and certificates to determine compliance. • Provide clear communications to management on various cyber activity. • Monitor and maintain systems and procedures to protect data from unauthorized users. • Coordinate with users to discuss issues such as access needs, security violations, and security training needs. • Work closely with 3rd party partners to secure data and assets. • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk. • Manage security projects and provide expert guidance on security matters for other IT projects. • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and comply with policies and audit requirements. • Develop and evolve IT security policies, standards, guidelines and procedures to ensure operating efficiency and regulatory compliance.

• Own end-to-end application security for all Self products • Conduct and manage vulnerability scanning, triage, and remediation tracking using security tools (e.g., SAST) • Partner closely with engineering and product teams to remediate critical security findings • Lead and perform third-party vendor security reviews and risk assessments • Support SOC 2 and PCI compliance efforts, including audit preparation and evidence collection • Identify application-level security risks and recommend mitigation strategies • Help embed secure-by-design practices into product development processes • Monitor emerging application security threats and recommend appropriate controls

• Collaborate across GuidePoint sales and service teams and provide thought leadership for customers, partners, and internal partners. • Act as a pivotal bridge between our sales and delivery teams. • Field new opportunities, accurately scope projects, and represent our delivery capabilities to clients. • Leverage technical expertise and consultative approach to drive business growth and ensure client satisfaction. • Provide expert guidance on the GuidePoint Security Information Assurance services portfolio. • Collaborate with sales teams to identify client needs, develop tailored solutions, and contribute to proposal development. • Accurately report opportunities and forecast for service-related engagements. • Drive revenue and profitability by expanding our customer base and deepening engagements with existing clients. • Lead strategic planning sessions and workshops with executive teams to align security solutions with business objectives. • Understand and articulate complex technical information to both technical and non-technical audiences. • Enable and educate field Account Executives to engage strategically with their customers. • Support partners and sales campaigns by developing services and programs that can be leveraged company wide. • Contribute to practice development and enhancement of service offerings. • Stay at the forefront on the information security industry by perpetually strengthening relevant skills and knowledge. • Incorporate industry developments into service delivery and client solutions. • Travel up to 20% may be required to support clients.

• Complete a practitioner-level skills assessment • Complete a short post-assessment survey • No meetings, facilitation, reviews, or follow-up work • This is a finite, transactional engagement with clearly defined deliverables. • Estimated completion time: Approximately 1 hour