A global team at the heart of cyber innovation, together we create a more secure digital future
AI Security Consultant
Location: Washington
Posted: 2 days ago
Salary: $125K - $175K / year
Seniority: Senior
Job Description
NCC Group
- Identify and mitigate risks in AI models, applications and data pipelines
- Design and implement security protocols for AI/ML systems and infrastructure, models and data pipelines
- Review applications and services using AI against both generic and AI specific threats
- Conduct threat modeling and risk assessments
- Monitor systems for anomalous behaviors
- Assess and secure endpoints and APIs for model access and inference
- Collaborate with stakeholders, engineers, data scientists and IT to integrate security into systems and infrastructure
- Deliver client reports on AI security protocols and policies, and document best practices
- Develop and implement AI security training for internal and external stakeholders
Job Requirements
- Deep background in cybersecurity focused on AI/ML, securing models and gen AI systems
- Strong understanding of machine learning workflows, model architecture and data pipelines
- Experience with adversarial ML, prompt injection, model extraction, data leakage, etc.
- Demonstrated working knowledge of Python and common ML frameworks such as TensorFlow, PyTorch, etc.
- Understanding of AI governance, model explainability and ethical AI principles
- The ability to work independently under deadlines
- Degree in Mathematics, Computer Science, Cybersecurity, Machine Learning or a related field
- Certifications preferred, including CAISS, GMSE, CISSP, OSCP, etc.
Benefits
- A chance to work with an industry leader in cyber security
- Access to world-class technical teams and research
- A high-energy, collaborative team that values innovation
- Flexibility—work remotely or from the office as needed
- Opportunities for travel
- Competitive compensation and performance-based incentives




