• Provide best-in-class project management, oversight, build, and customer service for end users and stakeholders of the EHR system • Manage multiple project workstreams across multiple clients (time slicing) • Develop, mentor, train and oversee a team of analysts ranging from entry level to senior • Manage scope, work product, and time billed for resources assigned to your teams and projects • Develop training curricula and materials to support the development of entry level analysts • Identify opportunities for improvement in the engagement offering and additional value to the client (speed, quality, cost) • Stay attuned to new features, functionalities, and strategic direction in the EHR related to their domain of expertise • Translate complex requirements from stakeholders into workflows and build and document decisions for future reference • Assess criticality of requests against the current system functionality, maintenance implications, and value of the build for stakeholders • Perform design, build, and testing for application functions with minimal errors • Drive data analysis and reporting to support clinical and administrative decision-making • Increase firm presence through social media, community involvement, and professional associations

• Lead and approve security assessments for AI-enabled products, AI-bearing vendors, and third-party technologies • Act as the escalation point and named reviewer for high-risk and AI-related engagements • Define and continuously improve AI-focused assessment frameworks, including controls, evidence standards, and scoring models • Drive automation of assessment processes to improve efficiency, scalability, and turnaround time • Partner with TPRM, Procurement, Legal, Privacy, and Architecture teams to embed security into vendor selection and lifecycle processes • Provide expert advice on regulatory, legal, and third-party risk implications during solution design and vendor selection • Maintain audit-ready documentation and support regulatory compliance (e.g., OSFI B-13) • Produce risk reporting and insights for cybersecurity leadership • Monitor emerging AI threats and regulatory developments and integrate them into assessment practices • Mentor junior team members and support capability development

• Own the cybersecurity engineering practice strategy, aligning team capacity, skills, and engagement models to SHI’s revenue targets and customer demand signals. • Lead, develop, and scale a team of Field CISOs and security engineers who deliver expert technical opinions through the GUIDE engagement methodology—discovery, qualification, assessments, demos, labs, and architecture reviews. • Drive revenue influence by getting security engineers closer to the sell: qualifying deals with account teams, pushing pipeline forward, shortening sales cycles, and providing the technical credibility that closes complex security transactions. • Serve as SHI’s senior cybersecurity voice to customers, partners, and internal stakeholders—articulating how security investments map to business risk reduction, compliance outcomes, and operational resilience. • Maintain deep fluency across the cybersecurity vendor ecosystem (CrowdStrike, Palo Alto Networks, Zscaler, Cisco Security, Microsoft Security, Arctic Wolf, and others), positioning SHI as an objective advisor rather than a single-vendor advocate. • Build and operationalize the CISO engagement model—understanding how CISOs think about cost vs. capability trade-offs, how security decisions move through the customer’s organization, and how to position SHI engineers as strategic partners in those decisions. • Partner with Sales, the Strategic Technology Office (STO), and cross-functional ASG leadership to ensure security practice priorities align with enterprise pipeline, EBC qualification, and customer success objectives. • Track and communicate security market dynamics—emerging threats, vendor consolidation, regulatory shifts, and AI-driven security trends—translating them into actionable positioning for SHI’s field teams. • Own security practice metrics: revenue influenced, engagement volume, pipeline contribution, customer satisfaction, and team utilization. • Report strategic insights and recommendations to executive leadership. • Recruit, mentor, and retain top security talent, fostering a culture of technical excellence, continuous learning, and customer-first engagement. • Lead security-specific enablement—training engineers on customer decision frameworks, competitive positioning, and consultative selling within the security domain.

Role Description Provide knowledge of SAP and the administration needs to accommodate technical planning, installation, and user access management. Contributes to moderately complex aspects of a project. Work is generally independent and collaborative in nature. Primary Responsibilities - Participate in small to large SAP implementations. - Contribute to maintenance activities related to security and access management. - Generate access review documents to support internal/external audits. - Ensure compliance to security policies and procedures. - Perform SAP user administration and role development tasks. - Provide security direction to business units and engineers. - Provide security support for system upgrades and testing cycles. - Create and contribute to technical documentation and diagrams. Secondary Responsibilities - Participate in off-hours on-call rotation. - May provide second level troubleshooting support and assistance to other admins and engineers. - Attends and is prepared to participate in department and company meetings. - Performs other job related duties and special projects as required. Qualifications - Demonstrable technical ability to execute system security tasks for SAP and implement strategies for future solutions. - Introductory knowledge of SAP authorization concepts and transactions like SU01, SU10, SU24, SUIM. - Maintain and support a strong SAP security environment. - Provide security reporting on users, roles, and critical object access. - Support security aspects of system builds, upgrades, patching, client copies, refresh, etc. - Introductory experience with the SAP GRC Access Control, segregation of duties, and audit processes. - Introductory experience with implementing and managing core GRC modules ARA, ARM, EAM, BRM. - Define risks, conduct risk analysis, and monitor for continuous improvements and compliance. - Knowledge of implementing SAP Fiori catalog/groups and their relationship with roles. - Excellent communication skills and ability to work with business directly on gathering requirements, designing solutions, and troubleshooting issues. - Building and maintaining up-to-date knowledge about company and industry trends and strategy, and advising customers on approaches to optimize business success. - Change control procedures. - Adherence to regulatory requirements. - Writing technical documentation. - Debugging, troubleshooting, and performing root cause analysis. - Organization skills with the ability to effectively meet deadlines. Requirements - Associates Degree or higher plus 0-2 years in information technology; or related experience. Worker Characteristics - Commitment to the Hy-Vee Mission and a willingness to promote the values of the company. - Excellent verbal and written communication skills. - Excellent interpersonal skills; ability to relate to and interact with other people in a friendly, professional manner. - Ability to identify problems, develop and execute solutions. - Self-starter; willingness to dive in without being instructed. Working Conditions - The duties of this position are performed in a general office setting. - There is the occasional need to travel. - There is frequent pressure to meet deadlines and handle multiple priorities. Equipment Used to Perform Job - Desktop and/or laptop computer. - Third party applications, printers, and telephone. Physical Requirements - Visual requirements include: ability to see detail at near range with or without correction. - Must be physically able to perform sedentary work: occasionally lifting or carrying objects of no more than 10 pounds, and occasionally standing or walking, reaching, handling, grasping, feeling, talking, hearing, and repetitive motions. Confidentiality - Has access to confidential information including payroll, inventory costs, sales, accounts payable and receivable, pharmacy data, e-mail messages, and all data related to operations. Financial Responsibility - Responsible for company assets including maintenance of software solutions. No authority to make purchases or commitments. Contacts - Frequent contact with office personnel in other departments related to the position as well as occasional contact with users and customers. Company Description Hy-Vee, Inc. is an employee-owned grocery store chain with more than 285 retail stores and over 80,000 employees. With sales of more than $13 billion, Hy-Vee ranks among the top 25 supermarket chains and the top 50 private companies in the United States. Its slogan, “A Helpful Smile in Every Aisle,” expresses the foundation of the company’s operating philosophy. Visit itcareers@hy-vee.com to apply or https://innovate.hy-vee.com to learn about all the exciting things our IT organization does! Are you ready to smile? Apply today. Employment is contingent upon the successful completion of a pre-employment drug screen.