• Provide technical leadership for Certification & Accreditation (C&A) and Risk Management Framework (RMF) activities supporting system authorization decisions. • Lead RMF strategy and authorization roadmap. • Guide NIST SP 800-37 lifecycle activities. • Identify NIST SP 800-53 security controls. • Validate FIPS 199 and FIPS 200 categorization. • Oversee SSP, Risk Assessment, ST&E, and authorization package development. • Provide interpretation of NIST, FIPS, and federal requirements.

• Data Collection: Locate, target and recapture data from Phishing-as-a-Service (PhaaS) kits using a combination of human intelligence and platform sourcing. • Data Analysis: Apply data science techniques to understand the quality of sourced data, in order to refine and improve the PhaaS data sourcing pipeline. • Human Intelligence: Perform human intelligence techniques such as managing multiple alternate personas, actor engagements, and social engineering in support of data recapture efforts. • Security Analysis: Participate in the drafting of research blogs and analytical products to support customers and business objectives. • Security Research: Participate in security research including investigation of threat actors, PhaaS, and other critical research in support of SpyCloud’s priorities.

• Serve as primary point of contact for project management • Manage project schedule, deliverables, and milestones • Lead kickoff meetings, status reporting, and review cycles • Track risks, issues, and action items • Coordinate with CO/COR, CISO, and technical teams • Maintain deliverable register and quality control process • Ensure successful project completion within timelines

• Lead, coach, and grow the Security Engineering team, including both Cloud Security Engineers and Application Security Engineers • Set priorities and operating rhythms for the team, balancing strategic security investments, day-to-day engineering support, and incident response • Design and implement security controls across our Cloud environments, such as but not limited to: AWS, Azure, GCP, Digital Ocean, OCI, etc., including IAM, SCPs, VPC security, S3 bucket policies, security groups, key management, and logging • Continuously monitor and improve cloud posture by managing and tuning services such as GuardDuty, Security Hub, AWS WAF, CloudTrail, and Inspector • Partner with engineering teams to embed security into the SDLC, including secure design reviews, threat modeling, architecture review, and CI/CD security automation • Lead the application security program, including secure coding practices, vulnerability management, developer enablement, and product security reviews • Continuously monitor and improve application security tooling by managing and tuning services such as SonarQube, Dependency Track, ZAproxy, Trufflehog, Trivy • Build and maintain GitLab CI/CD pipelines and tooling for automated security testing and scanning of cloud resources and applications • Conduct threat modeling, architecture reviews, and risk assessments for cloud deployments, product features, and new systems • Implement security monitoring, secure systems hardening, and detective controls for malicious activity across AWS and application environments • Respond quickly to new and emerging threats and vulnerabilities; support investigations, post-mortem analysis, root cause identification, and preventive actions • Define and enforce identity and access management best practices, including least privilege, federated identity, role-based access control, and automated remediation • Develop and maintain security policies, standards, and procedures aligned to frameworks such as SOC 2, GDPR, ISO 27001, FedRAMP, NIST, CIS, and MITRE ATT&CK • Create metrics, reporting, and risk narratives that communicate security posture, trends, and priorities to business owners and leadership • Evaluate and recommend new tools, techniques, and controls to improve the security posture of our cloud and application environments