• Ensure cloud-hosted IT systems are architected and designed to meet DoD security requirements, standards, and control baselines. • Review cloud security policies and provide recommendations to improve overall security posture, including protection, detection, monitoring, and incident response capabilities for systems and data. • Apply knowledge of current advances in cloud security engineering and evolving cloud threats to support secure deployment of programs and applications. • Provide input throughout the deployment lifecycle to ensure systems meet DoD compliance requirements and are positioned to achieve/maintain ATO. • Provide guidance to assessment staff performing Cybersecurity Vulnerability Assessments related to cloud hosting environments, ensuring findings are risk-prioritized and remediations are actionable. • Advise on control selection, inheritance, and implementation for cloud services (e.g., leveraging FedRAMP baselines and CSP-native controls) and assist teams in developing audit-ready artifacts and evidence. • Coordinate with SOC/Blue Team/IR stakeholders to align logging, monitoring, alerting, and response with mission objectives and compliance obligations. • Partner with engineering, DevSecOps, governance, and mission owners to balance security, performance, and cost in multi-cloud or hybrid architectures. • Track and incorporate changes in DoD cybersecurity policy, cloud provider security capabilities, and best practices to continually improve architecture and operations.

• Execute comprehensive IT security audits on complex systems in accordance with DoD and Federal requirements. • Perform security control validation to verify proper implementation and effectiveness of technical, operational, and management controls. • Conduct vulnerability assessments and analyze findings to identify security gaps and risks. • Support RMF activities including control selection, implementation validation, assessment, and authorization support. • Evaluate applied security mitigations to determine alignment with security requirements and business objectives. • Validate project security controls to ensure compliance with DoD contracting system standards. • Document security findings, risk assessments, and remediation recommendations. • Maintain and update RMF artifacts and assessment results within eMASS. • Collaborate with system owners, engineers, and stakeholders to resolve security issues and implement corrective actions. • Support audits, inspections, and compliance reviews while ensuring accuracy and quality of deliverables.

• Own and evolve the company’s security and privacy strategy • Scale and mentor the Security team, developing great security team members as the company grows. • Build and mature the company’s security framework, balancing pragmatism and rigor across system security, application security, infrastructure security, and device security. • Lead security operations and incident response, ensuring the company can rapidly detect, respond to, and recover from threats. • Oversee compliance programs (e.g., SOC 2, GDPR, CPRA) and maintain a continuous improvement mindset beyond checkbox compliance. • Partner with Engineering and Product to embed security into the SDLC, CI/CD pipelines, and IoT device lifecycle. • Establish and maintain relationships with key stakeholders, such as executive leadership, providing actionable metrics and insights into security posture, risk trends, and emerging threats. • Oversee vendor risk management and ensure robust controls across third-party services and integrations. • Conduct regular security awareness training and education programs for employees. • Evaluate and select security technologies and tools to enhance the organization's security posture. • Build a strong security culture, from awareness and education to clear policies and positive engagement across all teams. • Optimize the security budget and make pragmatic tradeoffs that balance protection, velocity, and business impact.

• Drive new logo acquisition; while working with existing customers to retain and expand our usage • Grow sales pipeline to meet or exceed the Company’s business plan, by bringing in new accounts, leveraging existing accounts and by building partnerships with key accounts to fortify the Company’s position to develop new business. • Consult with VP- and C-level executives to develop and implement an effective enterprise-wide strategy that maximizes the value delivered • Develop a contact network of GSI’s and channel partners to ensure our products/services can be sold broadly and effectively throughout the enterprise • Maintain an up to date sales pipeline, account information, and sales process in salesforce.com including call lists and account progress reports. • Develop and execute on an effective prospecting plan as part of the territory sales plan and demonstrate effectiveness in selling into the key accounts within the territory. • Work with other members of management to ensure that implementation and customer support is in place to support all new business and champion your customers’ implementations to ensure wild success • Work closely with and establish engagement between functional areas such as sales engineering, engineering, marketing, legal, finance and other lines of business to develop and execute a solution strategy to meet customer business needs • Execute on account plans to deliver maximum revenue within an assigned territory