Peace of mind from security's greatest minds. #TogetherWeHitHarder
Product Security Analyst
Location
California | District Of Columbia | Massachusetts | Texas | Washington
Posted
1 day ago
Salary
$120K - $155K / year
Seniority
Senior
Job Description
HackerOne
- Evaluate vulnerability reports submitted by security researchers to determine validity, severity, exploitability, and business impact for HackerOne customers using Data-Driven Decision Making and established security frameworks such as CVSS.
- Independently reproduce reported vulnerabilities across web and mobile applications, applying First Principles Problem Solving to validate findings, identify root causes, and clearly communicate impact.
- Collaborate directly with security researchers to gather missing information, clarify technical details, and improve report quality while maintaining clear and professional communication with customers.
- Create concise, technically accurate summaries for validated findings, including reproduction steps, impact analysis, and remediation guidance.
- Demonstrate Change Agility by adapting to evolving customer environments, changing program scopes, emerging attack techniques, and shifting operational priorities.
- Contribute to an AI-First approach by leveraging automation and AI-enabled workflows to improve operational efficiency, report analysis, and vulnerability triage quality.
- Partner cross-functionally with Technical Services teammates and customer-facing teams to ensure timely handling of vulnerabilities and a high-quality customer experience.
- Proactively identify opportunities to improve internal processes, documentation, tooling, and triage workflows to enhance scalability and consistency across the Technical Services organization.
Job Requirements
- 3+ years of hands-on experience performing security testing, vulnerability research, or ethical hacking on web and mobile applications.
- Strong technical understanding of common application security vulnerabilities, including the OWASP Top 10.
- Experience using security testing tools such as Burp Suite and familiarity with vulnerability scoring frameworks including CVSS.
- Excellent written and verbal communication skills in English, including the ability to communicate technical concepts clearly to both technical and non-technical audiences.
Benefits
- Health (medical, vision, dental), life, and disability insurance*
- Equity stock options
- Retirement plans
- Paid public holidays and unlimited PTO
- Paid maternity and parental leave
- Leaves of absence (including caregiver leave and leave under CO's Healthy Families and Workplaces Act)
- Employee Assistance Program
More Security Analyst Jobs
- Leverage various security tools to perform monitoring and analysis of security events/data to identify security risks and threats on customer networks.
- Utilize cyber hunt techniques to discover violations or threats.
- Implement, administer, and use cybersecurity tools, systems and applications; develop policies, standards, and guidelines to ensure secure enterprise-wide operations, performance and resiliency.
- Deploy and secure security systems, application layer and traditional firewalls, vulnerability management and forensics utilities, and other infrastructure deployed and maintained by the Information Security Office.
- Develop plans to safeguard information against unauthorized access, modification, and destruction, and ensure organizational continuity of operations.
- Work with SIEM solutions such as Splunk and others to perform investigation and triage of incidents.
- Work with your team and the broader True Zero community to stay up to date on the latest security trends and threats to improve the effectiveness of security programs for our customers.
- Follow processes and procedures and provide refinement suggestions for them.
- Perform detailed documentation efforts to report on all investigative steps performed and coordinate with external teams/personnel.
- Monitor and respond to information security issues across systems and business workflows to ensure security controls are effective and operating as intended.
- Administer, manage, and maintain security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), content filtering solutions, endpoint protection platforms, and other security controls.
- Utilize and manage security tools such as SIEM platforms, vulnerability scanners, forensic tools, and threat monitoring solutions to identify, assess, and respond to security risks and incidents.
- Enforce security policies and procedures by administering security profiles, reviewing security violation reports, investigating exceptions, and maintaining documentation of security controls.
- Coordinate and support incident response activities, including investigation, containment, remediation, recovery, and reporting.
- Partner with IT, Legal, Compliance, and other stakeholders to identify and manage security vulnerabilities and risk exposures.
- Assist in the development, implementation, and maintenance of security policies, standards, and procedures, including authentication controls, security monitoring, incident escalation, auditing, encryption, and firewall management.
- Develop, deliver, and maintain security awareness and training programs to promote a strong security culture.
- Conduct ongoing security research to stay informed of emerging threats, vulnerabilities, technologies, and industry best practices.
- Participate in the evaluation and implementation of security products, technologies, and processes to improve organizational security, efficiency, and effectiveness.
- Support internal and external audits, risk assessments, and compliance initiatives as required.
Security Analyst
Prime System Solutions
"Empowering Excellence, Ensuring Continuity, Uninterrupted Success"
- Design, implement, and manage secure LAN/WAN network architectures for enterprise and MSP clients.
- Conduct firewall audits, vulnerability assessments, and infrastructure hardening across client environments (Cisco ASA, FTD, Fortinet, SonicWall).
- Perform real-time security monitoring using SIEM tools and respond to alerts and incidents proactively.
- Manage and troubleshoot Next-Generation Firewall (NGFW) devices and enforce security policies.
- Oversee client onboarding and offboarding processes including system configuration, access provisioning/decommissioning, and documentation handover.
- Configure and support cloud platforms including Microsoft Azure, AWS, and Google Cloud Platform for client security posture.
- Administer Microsoft 365 environments — user provisioning, Exchange Online, licensing, and security configurations.
- Deploy and manage monitoring and security tools such as SolarWinds, Nagios XI, Auvik, Cisco OpenDNS, Datto RMM, NinjaOne, and Dark Web Monitoring.
- Configure Layer 2/3 networking including VLANs, STP, OSPF, EIGRP, BGP, QoS, IPSec VPNs, and MPLS.
- Implement AAA, MFA, IDS/IPS, and RADIUS solutions to secure network access.
- Contribute to ISO 27001 compliance initiatives and maintain ITIL-aligned change management processes.
- Design and document disaster recovery plans for network and server infrastructure.
- Manage Microsoft Server environments (AD, DNS, DHCP, RDS) and virtualization platforms.
- Produce detailed technical reports and ensure compliance with contractual and regulatory requirements.
Cyber GRC Analyst
News Corp
News Corp is a global, diversified media and information services company focused on creating and distributing engaging and authoritative content, products, and
Title: Cyber GRC Analyst
Location: Austin
Full time
Governance, Risk and Compliance (GRC) Analyst
Location - Austin Texas
Hybrid - 3 Days in office
The Governance, Risk and Compliance (GRC) Analyst will have a good understanding of security and privacy principles as well as a sound understanding of regulatory and compliance requirements affecting a US business. As a GRC analyst your roles will support and maintain the Realtor.com Cyber GRC Program along with the BISO and central GRC function, including the development, implementation and maintenance of cyber security policies, standards, guidelines and processes to ensure compliance is maintained and risk is managed.
What’s the role?
- Work with key internal and external stakeholders to ensure compliance with PCI DSS, Privacy and GDPR compliance requirements, audits and assessments.
- Assist in the risk assessment process and report on enterprise-wide and third-party security controls
- Support in the implementation of key security initiatives across the organisation
- Support management of audits, external assessments and assurance processes including, but not limited to PCI DSS and NIST CSF
- Develop and manage meaningful metrics to measure and track cyber risks and the effectiveness of the governance, risk and compliance function
- Conduct compliance readiness assessments and assurance activities against policies, standards requirements
- Track technology and cyber related audit findings and actions
- Assist with the development of measurable cyber security standards that align with policy control objectives
- Support user and specialist user education and awareness exercises for employees
- Assist in the development of effective measurement and simplified reporting of cyber security risks within the business
- Assist with third party security assessments against industry standards as well as News UK control standards
- Assist in maintaining the cyber security risk register
Who are you?
- 3+ years’ experience within Cyber Security or related fields
- Demonstrated experience in governance, risk and compliance in dynamic and complex cyber security, technology and business environment
- Strong knowledge and experience with Industry Frameworks and Standards such as NIST CSF, PCI DSS and ISO 27001
- Good working knowledge of Cloud infrastructure, especially AWS
- Previous experience working in a SOX compliance environment is desirable
- Strong oral and written communication skills
- Qualification in Information Security, Computer Science, Engineering or similar
- Professional security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar preferred
Base Pay Range: $80,000 - $110,000 + Bonus
We’re committed to offering competitive and flexible compensation to attract top talent. This pay range reflects our good faith estimate for the role and may vary based on a candidate’s experience, skills, location, and other relevant factors. For bonus-eligible roles, targets are determined based on multiple considerations, including market benchmarks and individual contributions. For benefits-eligible roles, we offer a comprehensive and competitive benefits package covering health, retirement, wellbeing, and more, along with optional benefits to meet the diverse needs of our employees.




