• Monitor and respond to information security issues across systems and business workflows to ensure security controls are effective and operating as intended. • Administer, manage, and maintain security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), content filtering solutions, endpoint protection platforms, and other security controls. • Utilize and manage security tools such as SIEM platforms, vulnerability scanners, forensic tools, and threat monitoring solutions to identify, assess, and respond to security risks and incidents. • Enforce security policies and procedures by administering security profiles, reviewing security violation reports, investigating exceptions, and maintaining documentation of security controls. • Coordinate and support incident response activities, including investigation, containment, remediation, recovery, and reporting. • Partner with IT, Legal, Compliance, and other stakeholders to identify and manage security vulnerabilities and risk exposures. • Assist in the development, implementation, and maintenance of security policies, standards, and procedures, including authentication controls, security monitoring, incident escalation, auditing, encryption, and firewall management. • Develop, deliver, and maintain security awareness and training programs to promote a strong security culture. • Conduct ongoing security research to stay informed of emerging threats, vulnerabilities, technologies, and industry best practices. • Participate in the evaluation and implementation of security products, technologies, and processes to improve organizational security, efficiency, and effectiveness. • Support internal and external audits, risk assessments, and compliance initiatives as required.

• Design, implement, and manage secure LAN/WAN network architectures for enterprise and MSP clients. • Conduct firewall audits, vulnerability assessments, and infrastructure hardening across client environments (Cisco ASA, FTD, Fortinet, SonicWall). • Perform real-time security monitoring using SIEM tools and respond to alerts and incidents proactively. • Manage and troubleshoot Next-Generation Firewall (NGFW) devices and enforce security policies. • Oversee client onboarding and offboarding processes including system configuration, access provisioning/decommissioning, and documentation handover. • Configure and support cloud platforms including Microsoft Azure, AWS, and Google Cloud Platform for client security posture. • Administer Microsoft 365 environments — user provisioning, Exchange Online, licensing, and security configurations. • Deploy and manage monitoring and security tools such as SolarWinds, Nagios XI, Auvik, Cisco OpenDNS, Datto RMM, NinjaOne, and Dark Web Monitoring. • Configure Layer 2/3 networking including VLANs, STP, OSPF, EIGRP, BGP, QoS, IPSec VPNs, and MPLS. • Implement AAA, MFA, IDS/IPS, and RADIUS solutions to secure network access. • Contribute to ISO 27001 compliance initiatives and maintain ITIL-aligned change management processes. • Design and document disaster recovery plans for network and server infrastructure. • Manage Microsoft Server environments (AD, DNS, DHCP, RDS) and virtualization platforms. • Produce detailed technical reports and ensure compliance with contractual and regulatory requirements.

Title: Cyber GRC Analyst Location: Austin Full time Governance, Risk and Compliance (GRC) Analyst Location - Austin Texas Hybrid - 3 Days in office The Governance, Risk and Compliance (GRC) Analyst will have a good understanding of security and privacy principles as well as a sound understanding of regulatory and compliance requirements affecting a US business. As a GRC analyst your roles will support and maintain the Realtor.com Cyber GRC Program along with the BISO and central GRC function, including the development, implementation and maintenance of cyber security policies, standards, guidelines and processes to ensure compliance is maintained and risk is managed. What’s the role? ● Work with key internal and external stakeholders to ensure compliance with PCI DSS, Privacy and GDPR compliance requirements, audits and assessments. ● Assist in the risk assessment process and report on enterprise-wide and third-party security controls ● Support in the implementation of key security initiatives across the organisation ● Support management of audits, external assessments and assurance processes including, but not limited to PCI DSS and NIST CSF ● Develop and manage meaningful metrics to measure and track cyber risks and the effectiveness of the governance, risk and compliance function ● Conduct compliance readiness assessments and assurance activities against policies, standards requirements ● Track technology and cyber related audit findings and actions ● Assist with the development of measurable cyber security standards that align with policy control objectives ● Support user and specialist user education and awareness exercises for employees ● Assist in the development of effective measurement and simplified reporting of cyber security risks within the business ● Assist with third party security assessments against industry standards as well as News UK control standards ● Assist in maintaining the cyber security risk register Who are you? ● 3+ years’ experience within Cyber Security or related fields ● Demonstrated experience in governance, risk and compliance in dynamic and complex cyber security, technology and business environment ● Strong knowledge and experience with Industry Frameworks and Standards such as NIST CSF, PCI DSS and ISO 27001 ● Good working knowledge of Cloud infrastructure, especially AWS ● Previous experience working in a SOX compliance environment is desirable ● Strong oral and written communication skills ● Qualification in Information Security, Computer Science, Engineering or similar ● Professional security certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar preferred Base Pay Range: $80,000 - $110,000 + Bonus We’re committed to offering competitive and flexible compensation to attract top talent. This pay range reflects our good faith estimate for the role and may vary based on a candidate’s experience, skills, location, and other relevant factors. For bonus-eligible roles, targets are determined based on multiple considerations, including market benchmarks and individual contributions. For benefits-eligible roles, we offer a comprehensive and competitive benefits package covering health, retirement, wellbeing, and more, along with optional benefits to meet the diverse needs of our employees.

• Responsible for day-to-day operation of the company’s compliance and AI governance program in a regulated, government-facing environment • Focus on translating regulatory, cybersecurity, AI governance, and audit requirements into actionable internal processes • Coordinate audit readiness, maintaining documentation, and ensuring ongoing compliance alignment • Partner closely with the CTO, Cloud Hosting Manager, Engineering, and Security stakeholders to support secure operations, responsible AI usage, and adherence to applicable regulatory frameworks and data protection standards • Interpret regulatory, contractual, cybersecurity, and AI governance requirements (e.g., SOC 2, CJIS, NIST-based controls, ISO 27001, AI governance standards, state/local requirements) into internal tasks and control activities • Coordinate audit readiness efforts, including evidence collection, organization, validation, and remediation tracking • Serve as primary internal point of contact for auditors; support external audit processes, security assessments, and follow-up activities • Maintain and update policies, procedures, control narratives, risk assessments, AI governance documentation, and compliance records • Track compliance status, findings, risks, and remediation efforts; ensure timely closure of identified gaps • Partner with Hosting, Engineering, Security, and Product teams to validate implementation of security, privacy, and AI-related controls • Support governance and oversight of AI-related processes, including data handling, model usage, vendor assessments, and responsible AI practices • Assist in identifying and mitigating cybersecurity, privacy, and AI-related operational risks • Escalate ambiguous, high-risk, or non-compliant requirements and coordinate resolution activities • Support vendor compliance reviews, security questionnaires, and third-party risk documentation requests as needed • Assist in maintaining control mappings across multiple compliance and security frameworks • Contribute to continuous improvement of compliance, information security, and AI governance processes