Role Description Terzo processes some of the most sensitive commercial data in the enterprise world for Fortune 500 customers who expect enterprise-grade security as a baseline. Keeping that trust means our internal security posture has to be as strong as our product security. You will own Terzo's internal IT and security infrastructure including: - Endpoint management - Identity and access - Network security - The security tooling stack that protects our people, devices, and systems This includes managing and evolving tools like: - Defender - Jamf - 1Password - Twingate - Entra ID - Sentinel As the role matures, you will grow into owning compliance operations, e.g., audit readiness, evidence generation, and continuous monitoring, becoming the person who bridges IT, security, and compliance into a single discipline. Qualifications - 5+ years of experience in IT security, security engineering, or systems administration with a strong security focus - Hands-on experience managing endpoint security, MDM, and device management across Mac and Windows fleets (Jamf, Intune, Defender) - Strong understanding of identity and access management including SSO, MFA, conditional access, zero-trust network access - Experience administering and securing cloud identity platforms (Azure Entra ID, Okta, or similar) - Comfort scripting and automating IT/security workflows - Familiarity with enterprise security frameworks (SOC 2, ISO 27001, NIST 800-171) and how IT controls map to compliance requirements - Clear communication across engineering, security, and business stakeholders - High ownership mentality, you see a security gap and close it, not escalate it Requirements - Experience managing a ZTNA stack (Twingate, Cloudflare Access, Zscaler, or similar) in a remote-first environment - Background with SIEM/SOAR platforms (Sentinel, Splunk) for security monitoring and incident response - Familiarity with GRC platforms and compliance automation tooling - Experience supporting CMMC Level 2 or FedRAMP readiness from the IT controls side - Prior work at a high-growth startup where you built the IT/security function from scratch, not just inherited it - Interest in growing into a compliance operations role as the security program matures Benefits - Competitive salary - Annual performance bonus - Employee stock option plan - 100% paid medical, dental, and vision coverage - 401(k) with employer contribution - Generous vacation and sick leave - Flexible work arrangements - High-quality equipment for home and office - Strong culture of collaboration, mentorship, and continuous improvement

• Support development and delivery of cybersecurity services • Engage with insured clients for risk management • Act as liaison between insureds and underwriting team • Analyze data to identify threat scenarios

Role Description As a Lead Cybersecurity Engineer, you will be responsible for the planning, execution, and departmental operations of product cybersecurity compliance and vulnerability management for GE Vernova’s Operational Technology (OT) portfolio. This role requires a high degree of technical domain expertise to ensure products meet rigorous industry standards and regulations. You will have the autonomy to modify procedures and practices to ensure end results meet standards of quality, volume, and timeliness while maintaining a robust security posture across the product. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. - Minimum of 5 years’ experience in cybersecurity compliance, vulnerability management, or a related technical field. - Minimum of 3 years’ experience with OT-specific frameworks (e.g., IEC 62443, NERC CIP). Requirements - Lead the development, implementation, and monitoring of cybersecurity policies and procedures aligned with industry standards such as IEC 62443, NERC CIP, ISO 27001, and NIST. - Develop and execute comprehensive product and system certification plans, serving as the primary technical lead for IEC 62443 certification processes. - Perform high-level product and system gap assessments, identifying misalignments between current state and regulatory requirements. - Coordinate with external auditors and regulatory bodies, ensuring all documentation related to compliance and audit activities is accurate and up-to-date. - Take ownership of the vulnerability management program, conducting moderate-to-complex system-level analysis to identify and remediate security weaknesses. - Solve complex technical problems with limited guidance, leveraging cross-product linkages and expertise to develop peer-reviewed remediation solutions. - Conduct deep-dive risk assessments to identify potential threats. Develop and implement proactive strategies to mitigate risks and improve the overall security posture of the product portfolio. - Develop and execute program plans, including defining work tasks, project scope, and schedules. - Lead and support technical design reviews, ensuring cybersecurity "secure by design" principles are integrated from inception. - Identify potential improvements in tools and technologies. Proactively solicit feedback from horizontal teams to implement faster, simpler, and more impactful cybersecurity processes. - Actively participate in the technical mentoring program, supporting the growth of junior engineers and sharing domain expertise. - Anticipate internal and external client needs, resolving complex security or compliance issues quickly and effectively. - Foster a positive team spirit by sharing ideas and information, and acknowledging the success of others. Benefits - Medical, dental, vision, and prescription drug coverage. - Access to Health Coach from GE Vernova, a 24/7 nurse-based resource. - Access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling, and referral services. - Retirement benefits including the GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions. - Access to Fidelity resources and financial planning consultants. - Tuition assistance. - Adoption assistance. - Paid parental leave. - Disability benefits. - Life insurance. - 12 paid holidays. - Permissive time off.

• Develop and maintain strong relationships with key stakeholders in the business and IT • Act as the key liaison and esteemed business partner for functional stakeholders • Provide insights for development of IT strategies, policies, and governance frameworks • Collaborate with leadership and cross-functional teams • Lead the function/project specific IT budgeting & resource planning • Proactively engage with business leaders to identify opportunities • Ensure compliance with regulations, industry standards, and security policies • Facilitate the adoption of tools and processes across the organization • Manage risks, issues, and dependencies for strategic IT initiatives