• Own overall relationship with assigned clients • Ensure quality and timely service with high degree of responsiveness • Work with other internal teams in ensuring engagement goals are met • Educate clients on BreachLock capabilities and benefits • Manage client expectations and escalations • Ensure retention and satisfaction of all assigned clients with high NPS score • Help be the gatekeeper of quality for all deliverables. • Monitoring the delivery of active penetration tests through-out the lifecycle i.e., from kick-off to report delivery and retest • Escalate or immediately remove obstacles that arise during testing - ensuring swift resolution and smooth restoration of testing activity and customer satisfaction • Support junior resources to resolve escalations and offer general process guidance • Work with Cross Functional Teams to deliver pentesting as a service engagements • Participate in Practice development activities • Train other team members • Build best practices and scalable repeatable processes for Project management function

• Build and own your pipeline from scratch to drive Abusix's growth independently of inbound volume • Run discovery calls and tailored demos with technical and business stakeholders to qualify opportunities and create genuine buying momentum • Design and manage proof-of-concept (POC) processes with our technical team to give prospects hands-on experience with Guardian Mail, Guardian Ops, or Guardian Intel • Lead commercial negotiations and contract discussions end-to-end to convert qualified opportunities into signed, long-term customer relationships • Research and map target accounts to identify the right entry points and build multi-threaded stakeholder relationships • Share market intelligence and prospect feedback with product and marketing to sharpen Abusix's positioning and surface new opportunities

• Follow and implement all operational security procedures within the hotel • Oversight of all contractors, suppliers or vendors working on property • Protect all guest and staff areas of the hotel from unauthorized access or intruders • Keep the security and hotel senior management informed on all matters relating to the Security aspects of the hotel on a daily basis.

• Help evaluate whether to stand up an internal SIEM or work with an outsourced SOC provider—then implement whichever path makes sense for where we are as a company. • Build incident response runbooks and triage workflows—then actually test them (e.g. test backups in case needed for ransomware recovery) • Be the person who sees something and does something about it • Scan and harden our AWS posture hands-on: IAM policies, SCPs, security group hygiene, GuardDuty, Security Hub, and automated compliance guardrails need to be evaluated and maintained • Own Cloudflare configuration across WAF rules, DDoS protection, bot management, Zero Trust access, and DLP policies—keeping rules current and tuned as the product evolves • Implement IaC security scanning (Checkov, tfsec, or similar) directly into CI/CD pipelines • Deploy and manage endpoint protection across developer systems and production endpoints—covering EDR, device posture, behavior monitoring (including dynamic scans), DLP, and threat detection • Ensure developer machines (Mac-heavy environment typical of engineering teams) meet baseline security standards while minimizing friction that slows people down. • Define and enforce endpoint compliance policies, including disk encryption, patch posture, and application controls • Secure our build and release pipelines • Consider SLSA framework adoption and supply chain integrity attestations for our catalog and environments • Stand up dependency vulnerability scanning and own the remediation workflow end-to-end for third-party services, libraries, middleware, operating systems, and SaaS • Integrate SAST and SCA tooling (Semgrep, Snyk, GitHub Advanced Security) into developer workflows • Participate in security design reviews and threat modeling for new features • Work shoulder-to-shoulder with developers to find and fix vulnerabilities using a risk-based model instead of just vulnerability aging reports • Audit and rationalize IAM across AWS, Cloudflare, SaaS applications, and internal tooling; implement the fixes, not just the findings • Drive SSO consolidation, enforce MFA universally, and implement least-privilege access in practice, not just policy • Build a lightweight, repeatable access review process—something that actually runs on a cadence and produces real decisions • Own joiner/mover/leaver processes so that entitlements stay clean as the team grows • Evaluate and implement an appropriate identity governance solution for our stage—not an enterprise IGA platform, but something that gives us control and auditability