Role Description Creek Technologies is seeking a highly qualified Occupational Safety Subject Matter Expert (SME) to support the National Guard Bureau (NGB) Mishap Prevention Campaign. The Occupational Safety SME will provide expert-level occupational safety analysis, mishap prevention support, risk management recommendations, trend analysis, and strategic safety program support in alignment with the Air Force Safety Management System (AFSMS) Assurance and Promotion framework. This position directly supports ANG Safety and NGB Space Operations initiatives focused on reducing mishaps, improving organizational safety culture, identifying systemic risk trends, and advancing proactive mishap prevention across geographically dispersed operations. - Provide occupational safety expertise supporting mishap prevention, safety assurance, and risk mitigation initiatives across the Air National Guard enterprise. - Analyze occupational safety data, mishap reports, hazard trends, and operational risk indicators to identify emerging safety concerns and recommend corrective actions. - Support development and execution of safety promotion campaigns, educational products, and strategic communication initiatives. - Conduct research and analysis related to occupational safety policies, procedures, standards, and best practices applicable to military and aviation environments. - Assist with development of briefings, reports, dashboards, executive summaries, and decision-support products for Government leadership. - Collaborate with Government personnel, safety offices, analysts, and other SMEs to support enterprise-level safety initiatives and special projects. - Support data-driven safety assessments using qualitative and quantitative analytical methods. - Participate in meetings, working groups, and safety program reviews with Government stakeholders. - Provide technical recommendations to improve safety processes, hazard reporting, trend analysis, and mishap prevention effectiveness. - Support preparation of recurring contract deliverables, including monthly status reporting and operational updates. - Maintain accurate documentation and records within approved contract repositories and collaboration environments. - Support travel requirements and onsite engagements as necessary in support of contract objectives. Qualifications - Bachelor’s degree in Occupational Safety, Industrial Hygiene, Safety Engineering, Human Factors, Risk Management, Public Health, Aviation Safety, or related field. - Minimum 10 years of occupational safety experience supporting military, aviation, industrial, government, or large enterprise environments. - Demonstrated experience performing safety trend analysis, hazard identification, mishap prevention, and risk mitigation activities. - Experience supporting enterprise safety management systems or comparable organizational safety frameworks. - Strong analytical, communication, and technical writing skills. - Proficiency using Microsoft Office Suite, collaboration platforms, and data analysis tools. - Ability to work independently in a remote or hybrid environment while supporting geographically dispersed teams. - Ability to obtain and maintain a favorable background investigation and Government system access. Preferred Qualifications - Prior Air Force, Air National Guard, DoD, FAA, OSHA, or military safety program experience. - Certified Safety Professional (CSP), Associate Safety Professional (ASP), Certified Industrial Hygienist (CIH), or similar professional certification. - Experience supporting aviation or operational safety investigations. - Familiarity with Air Force Safety Automated System (AFSAS) or similar safety reporting systems. - Experience developing executive-level reports, safety briefings, and strategic communications products. - Experience supporting Safety Management System (SMS) implementation or continuous improvement initiatives. Work Location - Remote support authorized with periodic travel as required by contract performance needs. Culture & Growth Mindset - Demonstrates a commitment to continuous learning, professional development, and improving both individual performance and team outcomes. - Contributes to a collaborative, positive team culture aligned with Creek’s values of accountability, growth, and excellence. Other Duties Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice. We recognize that people come with a wealth of experience and talent beyond just the technical requirements of the job. If your experience is close to what you see listed here, please still consider applying. Diversity of experience and skills combined with passion is a key to innovation and excellence; therefore, we encourage people from all backgrounds to apply to our positions. Please let us know if you require accommodation during the interview process. Creek Technologies Company is proud to be an equal opportunity employer that is committed to diversity and inclusion in the workplace. Creek Technologies considers all applicants for employment without regard to race, color, sex, sexual orientation, gender, gender identity, age, religion, nation origin, pregnancy, child or spousal support withholding, disability, marital status, genetic information, citizenship/immigration status, military/veteran status, or any other status protected by federal, state, or local law. Creek Technologies makes hiring decisions based solely on qualifications, merits and business needs at the time. Upon request, Creek Technologies will reasonably accommodate applicants with a disability who need accommodation during the application process, unless accommodation creates an undue hardship for the company.

• Lead and maintain IAM governance frameworks aligned with security best practices and regulatory requirements. • Enforce least-privilege and role-based access models across users, services, and privileged accounts. • Oversee and lead quarterly access reviews, ensuring timely certification and remediation of access exceptions. • Provide guidance on access lifecycle management, including JML processes. • Design, implement, and maintain secrets management solutions such as AWS Secrets Manager or equivalent platforms. • Ensure secure storage, access controls, rotation policies, and lifecycle management for secrets, API keys, and credentials. • Validate and monitor patch compliance across platforms to ensure adherence to defined SLAs and risk thresholds. • Define and enforce encryption standards for data at rest and in transit across cloud and enterprise systems. • Champion Zero Trust security principles, with a focus on identity-centric access, continuous verification, and network controls. • Lead creation and maintenance of compliance evidence artifacts for internal reviews and external audits.

• Monitor and investigate alerts across Microsoft Defender (Defender for Endpoint, Defender for Identity, Defender for Office 365) and associated security platforms • Analyze Entra ID (Azure AD) sign-in logs, audit logs, and risky sign-in activity to identify potential account compromise or misuse • Respond to security incidents involving endpoints, identities, email, and collaboration platforms • Tune and optimize detection rules, alert thresholds, and signal-to-noise ratios within SIEM and Microsoft security tools • Perform log analysis and basic threat hunting using tools such as Microsoft Sentinel, Defender Advanced Hunting, and audit logs • Implement and validate Conditional Access policies, MFA enforcement, and identity protection controls • Support endpoint security through Intune and Defender for Endpoint, including policy enforcement, device compliance, and response actions • Collaborate with IT to harden Microsoft 365 configurations (Exchange Online, SharePoint, Teams) and reduce attack surface • Support vulnerability management by identifying gaps and coordinating remediation across systems and endpoints • Maintain clear and audit-ready documentation of incidents, controls, and response activities • Assist with eDiscovery, audit requests, and compliance-related investigations when required • Identify gaps in monitoring, coverage, or controls and recommend improvements to security architecture

Role Description Sequencing is hiring a Director of Security to build and lead a modern security program for a rapidly scaling genomics and AI platform. This is the company’s first dedicated security leadership hire and a chance to shape the long term security foundation for a platform that handles highly sensitive consumer genomic and health data. This is a Director level role on the Engineering team, reporting to the Head of Engineering, and leading the security function as it scales, including oversight of senior offensive security personnel and external security partners. Your success helps protect the human genome, build customer trust, and make personalized health insights from whole genome sequencing safer and more accessible for everyone. Qualifications - 10+ years of experience in security engineering, application security, cloud security, security management, or CISO level roles, including 3+ years in a senior leadership or director level position. - Proven experience building or significantly maturing security programs at rapidly growing consumer technology, ecommerce, SaaS, healthcare, or direct to consumer platforms. - Demonstrated experience protecting highly sensitive customer data, including protected health information, personally identifiable information, financial data, or genomic data. - Proven track record leading SOC 2, HIPAA, and ISO 27001 certification efforts from planning through successful audit completion. - Strong understanding of modern cloud and application security practices across AWS based infrastructure and modern web application environments. - Experience operating in fast moving startup or scale up environments with evolving systems, incomplete processes, and rapidly changing priorities. - Strong understanding of modern AI security risks, including AI governance, prompt and data leakage risks, AI assisted software development workflows, and developer AI tooling controls. - Experience managing SaaS governance, shadow IT risk, vendor security reviews, identity and access lifecycle management, and third party access controls. - Experience managing offensive security initiatives, external penetration testing vendors, red team exercises, vulnerability management programs, and remediation prioritization. - Strong cross functional leadership skills with the ability to influence Engineering, DevOps, Bioinformatics, Product, and Operations teams without direct authority. - Ability to balance strong security standards with startup speed, product velocity, and practical operational realities. - Experience presenting security posture, organizational risk, incident summaries, and compliance status to founders, executives, boards, auditors, or enterprise customers. - Hands on familiarity with governance, risk, and compliance platforms such as Vanta, Drata, or equivalent, security information and event management tooling, endpoint and identity management systems, Google Workspace or equivalent productivity suite security administration, SaaS access governance tools, Jira, Confluence, and AWS security services including CloudTrail, GuardDuty, and Security Hub or equivalent cloud security services. - Experience with modern edge and cloud security platforms such as Cloudflare Enterprise or equivalent, including web application firewall management, distributed denial of service protection, bot mitigation, Zero Trust access controls, API security, and internet facing application protection. - Experience in healthcare, consumer healthtech, or HIPAA regulated environments strongly preferred. - Based in the United States and able to work fully remotely. Requirements - Own the company’s security program end to end, including policies, procedures, playbooks, runbooks, training, governance, and security documentation. - Build the governance layer that turns ad hoc security work into a repeatable, measurable, and auditable security program. - Lead ongoing HIPAA and HITECH compliance review, security gap assessment, and remediation initiatives, while driving SOC 2 and ISO 27001 certification efforts from roadmap through audit completion. - Serve as the primary point of contact for auditors, regulators, customers, and external compliance partners. - Partner closely with Engineering, DevOps, Bioinformatics, Product, and Operations to embed security into every system that touches customer genomic and health data. - Establish and enforce AI governance policies covering company wide use of AI tools, including specific platforms such as ChatGPT, Claude, Cursor, and similar tools, or equivalent, along with data classification standards, acceptable use policies, prompt handling practices, and Data Loss Prevention controls. - Define and enforce security standards for contractors, agencies, consultants, and third party development partners, including intellectual property protection requirements, controlled access policies, device management expectations, and secure handling of customer data. - Build and maintain centralized visibility into company SaaS tools, shadow IT usage, third party integrations, identity and access management, and organizational data exposure risks. - Lead offensive security initiatives, including management of senior offensive security personnel, external penetration testing firms, vulnerability assessments, and remediation tracking. - Effectively manage offensive security workstreams even when the hands on technical work extends beyond the Director’s direct technical specialization. - Stand up and operationalize the company’s incident response program, including severity classification, escalation paths, communications, executive coordination, forensic readiness, and post incident review procedures. - Serve as a senior escalation point during security incidents and maintain availability for critical after hours incident response, breach investigation, and executive coordination when necessary. - Present security posture, organizational risk, compliance status, and security roadmap updates to executive leadership in clear, business oriented language. - Lead company wide security awareness and training programs covering secure coding, phishing resistance, AI tool usage, handling of sensitive genomic data, and operational security best practices. - Translate complex security findings into practical actions engineering teams can implement without unnecessarily slowing product velocity. - Complete an initial HIPAA and HITECH security review and deliver a prioritized remediation roadmap within the first 45 days. - Reach SOC 2 readiness within 6 months aligned with the company’s infrastructure modernization roadmap. - Establish a recurring external penetration testing cadence with measurable remediation tracking and executive visibility. Company Description