Role Description Provides analyst support for health plan risk and quality reporting activities. Designs and develops custom health plan reports to support local interventions, provider outreach, and tracks outcomes of initiatives. Educates users on how to use reports related to risk and quality/Healthcare Effectiveness Data and Information Set (HEDIS) for Medicaid, Medicare, Marketplace and Medicare/Medicare-Medicaid Plan (MMP). Assists with research, development, and completion of special quality performance improvement projects including root-cause analysis. - Captures and documents health plan quality reporting requirements, builds custom reports, and educates health plan users on how to use reports. - Builds intervention strategy reporting for the risk and quality interventions and measures gap closure. - Builds ad hoc quality reports as requested to track HEDIS performance and supplemental data monitoring. - Develops quality assurance (QA) custom health plan reports related to Risk and Quality/HEDIS for Medicaid, Marketplace and Medicare/MMP. - Develops custom health plan reports related to managed care data including medical claims, pharmacy, lab and HEDIS rates. - Collaborates with the national risk and quality team on testing of pre-production reporting for assigned health plan. - Calculates and tracks gap closure and intervention outcome reporting for the assigned health plan. - Works in an agile business environment to derive meaningful information out of complex and large organizational data sets through data analysis, data mining, verification, scrubbing, and root-cause analysis. - Conducts root-cause analysis for business data issues. - Analyzes data sets and trends for anomalies, outliers, trend changes, and opportunities, using databricks Structured Query Language (SQL), PowerBi, Microsoft Excel, and techniques to determine significance and relevance. - Assists with research, development and completion of special quality-related projects as requested by various internal departments, or in support of requests from regulatory agencies, contracting agencies, or other external organizations. - Represents as a key partner to assist with testing changes in the Datawarehouse platform and performs transparent upgrades to reporting modules to ensure no impact to the end users. - Conducts preliminary and post-impact analyses for any logic and source code changes for data and reporting module - keeping other variables as constant that are not of focus. - Represents as a HEDIS subject matter expert, and supports health plan improve performance on underperforming quality measures. Qualifications - At least 2 years of experience mapping, scrubbing, scrapping, and cleaning data, and analysis experience related to HEDIS and/or risk adjustment, and 1 year of experience in a managed care organization, or equivalent combination of relevant education and experience. - Analytical mindset with excellent attention to detail. - Experience in working with complex data to include quantifying, measuring, and analyzing financial/performance management and utilization metrics. - Experience working with Microsoft T-SQL, Databricks SQL and Power BI. - Experience writing complex SQL queries, functions, procedures and data design. - Experience with Microsoft Azure, Amazon Web Services (AWS), or Hadoop. - Ability to manage multiple priorities in a fast-paced, deadline-driven environment. - Strong business acumen with the ability to connect data insights to strategic goals. - Self-starter with a continuous improvement mindset. - Effective verbal and written communication skills. - Microsoft Office suite (including advanced Excel), and applicable software programs proficiency. Preferred Qualifications - Certified Professional in Healthcare Quality (CPHQ). - Certified HEDIS Compliance Auditor (CHCA). - Registered Nurse. If licensed, license must be active and unrestricted in state of practice. Benefits Molina Healthcare offers a competitive benefits and compensation package.

Role Description The objective of this engagement is to provide governance and coordination support for enterprise cybersecurity governance activities, specifically supporting the Cyber Lessons Learned (LL) and NATO Enterprise Cybersecurity Scorecard (Scorecard) processes. The contractor will assist CDT in coordinating stakeholders, supporting reporting activities, and ensuring that cybersecurity governance processes are executed in a structured, consistent, and traceable manner. The engagement focuses on supporting two main work packages: - Cyber Lessons Learned coordination and process support - Cybersecurity Scorecard oversight The contractor will provide coordination and documentation support but will not perform operational cybersecurity activities or entity-level assessments. Qualifications - Expertise in Cyber Security: Extensive experience in cyber security with a focus on analytical assessment, scorecard development, and performance metrics. - Methodology Development Skills: Proficiency in developing, refining, and updating methodologies for assessing cybersecurity maturity and performance. - Experience with Lessons Learned or Knowledge Management Processes: Experience supporting Lessons Learned, knowledge management, or continuous improvement processes, including capturing lessons, structuring information, and tracking improvement actions. - Communication Skills: Strong written and verbal communication skills for engaging with various stakeholders and facilitating Enterprise-wide assessments. - Autonomous Working Capability: Capable of performing effectively and efficiently with minimal supervision. Requirements - Required Security Clearance: NATO SECRET - Special Terms and Conditions: Non-disclosure agreement must be signed Deliverables Deliverables are structured under two WPs corresponding to the two workstreams of the assignments. All deliverables will be assessed according to the criteria described in General Acceptance Criteria. Work Package I – Cyber Lessons Learned Coordination Support - Deliverable WP1-D1: Lessons Learned Coordination Plan - Deliverable WP1-D2: Lessons Learned Capture Template - Deliverable WP1-D3: Lessons Learned Register - Deliverable WP1-D4: Lessons Learned Workshop Summary Reports - Deliverable WP1-D5: Lessons Learned Consolidation Report Work Package II – Scorecard Oversight Deliverables - Deliverable WP2-D1: Scorecard Oversight Tracking Dashboard - Deliverable WP2-D2: Contractor Deliverable Review Report Payment Schedule - WP1-D1: 7% of total contract value. Due: 2026 Q3. - WP1-D2: 5% of total contract value. Due: 2026 Q3. - WP1-D3: 30% of total contract value. Due: 2026 Q3. - WP1-D4: 20% of total contract value (5% each). Due: 2026 Q3–Q4. - WP1-D5: 23% of total contract value. Due: 2026 Q4. - WP2-D1: 5% of total contract value. Due: 2026 Q3–Q4. - WP2-D2: 10% of total contract value (2.5% each). Due: 2026 Q4. Work Execution The work will be executed remotely; no travel is considered. The Contractor's personnel are expected to follow the Purchaser's working hours and observe the Purchaser's official holidays. Reporting At the end of each milestone, the Contractor shall report the completion and achievements to the Purchaser POC via email for each resource providing services under this SoW. Period of Performance The service is expected to start on 03 August 2026 (tentative) and end no later than 31 December 2026. Security and Non-Disclosure Agreement The resource providing services under this SoW must be in possession of a security clearance of NATO SECRET or above. The signature of a Non-Disclosure Agreement between the contractors contributing to this task and NCIA will be required prior to execution.

• Provide governance and coordination support for enterprise cybersecurity governance activities. • Support Cyber Lessons Learned coordination and process support. • Provide oversight for Cybersecurity Scorecard processes. • Assist in coordinating stakeholders and supporting reporting activities. • Ensure that cybersecurity governance processes are executed in a structured and traceable manner.

• Manage data subject rights requests (including SARs) end-to-end, ensuring they are completed accurately and within statutory deadlines • Provide first-line advice and guidance on data protection queries across the organisation • Support the handling of personal data breaches, including logging, investigation support and follow-up actions • Maintain key information governance records, including the Record of Processing Activities (RoPA) • Monitor compliance with policies and processes, escalating risks where appropriate • Support training and awareness activities to promote good data protection practices • Assist with audits, reviews and regulatory reporting requirements