• Develop and implement a comprehensive enterprise security strategy that protects internal systems, operations, and corporate assets while reinforcing customer trust externally. • Serve as the executive authority on information security, risk management, and security compliance, ensuring alignment with corporate objectives and regulatory requirements. • Collaborate with product, engineering, and business teams to embed security design principles and practices across all Keyfactor offerings. • Represent Keyfactor externally to customers, partners, industry forums, and regulators to strengthen trust, demonstrate compliance, and communicate security commitments. • Lead enterprise security operations, including threat detection, incident response, vulnerability management, and proactive risk mitigation. • Maintain and continuously improve the Information Security Management System (ISMS), driving adherence to ISO 27001, SOC 2, FedRAMP, and emerging standards such as ISO 42001 for AI. • Define and enforce security policies, procedures, and standards that ensure both internal resilience and external assurance for clients and partners. • Conduct enterprise-wide risk assessments, audits, and reviews to identify, quantify, and mitigate security threats internally and across customer-facing services. • Partner with Compliance and Legal teams to maintain adherence to global data protection, privacy, and regulatory standards (e.g., GDPR, CCPA, FedRAMP, AI). • Act as the executive sponsor for security certifications, audits, and customer assurance initiatives that validate Keyfactor’s external trust posture. • Provide Keyfactor senior leadership periodic assessments on current and emerging threats and the organizations posture to remediate those threats. • Ensure that Keyfactor’s corporate security training and awareness program is optimized to engage employees and improve security culture. • Collaborate with product and engineering teams to integrate security into the full product lifecycle, including design, development, deployment, and maintenance. • Champion secure software development practices, cryptographic innovation, and identity management solutions that protect customer data and enhance trust. • Serve as the point of contact for customers and partners regarding security concerns, audits, and assurance programs, strengthening Keyfactor’s reputation as a trusted provider. • Build, lead, and mentor a high-performing global security organization focused on both internal protection and external assurance. • Establish clear objectives, performance metrics, and professional development pathways for security, risk, and compliance teams. • Foster a culture of proactive risk management, operational excellence, and cross-functional collaboration.

• Own our compliance program, including SOC 2 and ISO 27001, and the ISMS that supports them • Assist with operational privacy processes in support of GDPR and adherence to privacy laws across all US states and international requirements • Assist the CISO with privacy program implementation • Lead the third-party risk management program • Lead AI risk management and governance • Drive our top focus areas: identity and access management, product security, and internal IT operations • Contribute to security research and thought leadership • Drive and attend industry events in partnership with the go-to-market team, representing Fable Security's leadership • Submit to and speak at conferences, building the company's presence in the security community

• execute and support ongoing security operations aligned with Sequel’s security priorities and roadmap • translate security findings, alerts, and audit requirements into actionable remediation plans • proactively monitor the evolving threat landscape and regulatory environment • contribute to investment and business-case discussions by articulating risk-reduction value • partner with IT and Security & Compliance to implement security initiatives • manage the vulnerability lifecycle, including scanning, triage, prioritization, and remediation tracking • drive recurring patch cycles in coordination with IT operations • monitor, triage, and investigate alerts across SIEM and Microsoft Defender tools • lead end-to-end incident response • identify, investigate, and remediate risky users and devices • administer Microsoft 365 security and data protection solutions • support the execution of the security awareness program • maintain documentation and drive remediation of audit findings

Role Description Engineers are expected to identify and design solutions for issues involving: - New features - Interoperability - Vulnerability - System limits and constraints facing the platforms and products In addition, engineers are responsible to evaluate current capabilities and predict future needs, then work with internal stakeholders, vendors and peers to anticipate, define, and pursue these capabilities. Main Responsibilities - Perform engineering support. - Assess operational business processes to ensure security is appropriately integrated. - Assess potential risks with new applications and products and provide security requirements and recommendations for risk mitigation to help the business succeed with their projects. - Directly engage in advanced troubleshooting and delivery with stakeholders, including end customers. - Consult as security subject matter expert with network architects, engineers, and others on solutions to security problems. - Recommend new information security systems and controls to mitigate emerging threats and risks across the company. - Ensure reports and findings are delivered in a timely and appropriate manner to management, operations and executive leadership. - Recommend new security policy, standards, best practices, and system configuration standards. Consult with internal clients on security topics and policy interpretation. - Identify higher risk areas of the corporate and carrier infrastructure for assessment. - Coordinate activities across multiple departments and business units. - Other duties as assigned. Qualifications - Bachelors Degree - 6 years of experience, or 4 with Masters degree Preferred Qualifications - Masters Degree - Ability and commitment to communicate effectively, consistently chooses communication methods to ensure critical information reaches and persuades intended audience - Uses strong interpersonal skills to build partnerships with stakeholders and peers - Possesses leadership qualities and persuades stakeholders to achieve positive outcomes - Demonstrates a strong sense of ownership and commitment toward leading peers and stakeholders on critical projects and tasks; making, meeting and communicating progress. Compensation This information reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual pay is based on skills, experience and other relevant factors. - $84,629 - $112,838 in these states: AL, AR, AZ, FL, GA, IA, ID, IN, KS, KY, LA, ME, MO, MS, MT, ND, NE, NM, OH, OK, PA, SC, SD, TN, UT, VT, WI, WV, WY - $88,860 - $118,480 in these states: CO, HI, MI, MN, NC, NH, NV, OR, RI - $93,092 - $124,122 in these states: AK, CA, CT, DC, DE, IL, MA, MD, NJ, NY, TX, VA, WA Benefits - Comprehensive package featuring a broad range of Health, Life, Voluntary Lifestyle benefits and other perks that enhance your physical, mental, emotional and financial wellbeing. What to Expect Next Requisition #: 342500 Life at Lumen Life at Lumen is human and connected, even in a fast moving, AI‑focused organization. We set clear expectations and trust people to meet them. With real support and shared accountability, teams collaborate better, move faster, and deliver meaningful outcomes. Background Screening If you are selected for a position, there will be a background screen, which may include checks for criminal records and/or motor vehicle reports and/or drug screening, depending on the position requirements. Equal Employment Opportunities We are committed to providing equal employment opportunities to all persons regardless of race, color, ancestry, citizenship, national origin, religion, veteran status, disability, genetic characteristic or information, age, gender, sexual orientation, gender identity, gender expression, marital status, family status, pregnancy, or other legally protected status (collectively, “protected statuses”). Privacy Notice Lumen is committed to protecting the privacy and security of personal information collected during the recruitment and hiring process. Disclaimer The job responsibilities described above indicate the general nature and level of work performed by employees within this classification. It is not intended to include a comprehensive inventory of all duties and responsibilities for this job. Job duties and responsibilities are subject to change based on evolving business needs and conditions.