HICX

The platform for supplier experience management

Information Security Manager

Security Engineer | Full Time | Remote | Senior | Team 51-200 | Since 2008 | H1B No Sponsor

Location

Romania

Posted

1 day ago

Seniority

Senior

Bachelor Degree | English | AWS | Azure | Cloud

Job Description

  • Set up and drive the overall information security strategy.
  • Own the ISMS standards and their adoption, ensuring compliance with company and external requirements including SOC 2 and ISO 27001.
  • Organise and manage ISMS-related scheduled activities and drive continuous improvement of the ISMS.
  • Contribute to security architecture and design decisions.
  • Oversee security tooling such as EDR, SIEM, MFA, password managers, device management, and access review processes.
  • Act as the primary escalation point, during and outside business hours, for all major security-related incidents and events.
  • Coordinate and manage corrective actions and responses to security incidents.
  • Own security documentation, including policies, standards, exceptions, risk registers, and control evidence.
  • Oversee the internal risk-assessment and audit programme, supporting internal and external audits, remediating findings, and tracking control improvements to closure.
  • Support vendor and supplier risk management, including due diligence, sub-processor oversight, and security assessments.
  • Own the access control process, validate and audit access across divisions and functions.
  • Provide management reporting on risk posture, incidents, audit status, metrics, service trends, and improvement plans.
  • Work with engineering, DevOps, HR, and customer facing teams to embed controls into everyday processes.
  • Drive ongoing security governance improvements.
  • Address data privacy and data protection concerns, and manage responses to customer data privacy requests.
  • Act as Data Protection Officer (DPO) for the organisation if and as required.
  • Help enforce security policies, building adoption, embedding them in the company culture, and introducing regular checks on departmental compliance.
  • Own and deliver security awareness training and campaigns to strengthen the security culture.
  • Complete security-related sections of RFPs and customer questionnaires, build and maintain a security knowledge base, and provide assurance of the integrity, confidentiality, and availability of information owned, controlled, and processed by the organisation.
  • Attend meetings with customers and prospects to provide insights into how HICX implements security across the organization.
  • Manage a small team of IT support admins providing internal IT support to HICX employees and contractors.
  • Act as the escalation point for complex IT issues, incidents, and problems requiring cross-team coordination.
  • Ensure IT support activities align with security controls, access management, and acceptable use requirements.
  • Oversee onboarding, offboarding, account lifecycle management, and device provisioning/deprovisioning.
  • Own and maintain standard operating procedures and the operations platform.
  • Help balance usability, cost, and security when selecting or renewing SaaS and IT tools.
  • Carry out other reasonable duties as required by the Company.

Job Requirements

  • Excellent track record of leading security audits: ISO 27001, SOC 2, Cyber Essentials Plus.
  • Proven experience in a senior information security leadership role (Head of Security, Information Security Manager, or similar), ideally within a SaaS or technology business.
  • Demonstrable experience building, operating, and maturing an ISMS, including achieving and maintaining SOC 2 and ISO 27001 certification.
  • Strong, hands-on knowledge of security tooling and controls: EDR, SIEM, MFA, identity and access management, device/endpoint management, and vulnerability management.
  • Solid understanding of cloud security (AWS, Azure, and Microsoft 365 admin suite).
  • Experience leading end-to-end security incident response, including out-of-hours management of major incidents.
  • Knowledge of UK GDPR/GDPR and global data protection laws, with experience acting as, or working closely with, a Data Protection Officer.
  • Experience of third-party, vendor, and supplier risk management, including due diligence and sub-processor oversight.
  • Experience completing customer security questionnaires and RFPs, maintaining a security knowledge base, and presenting security posture to customers and prospects.
  • Excellent communication skills, with the ability to translate technical risk into clear business language for technical and non-technical audiences, including executives and customers.
  • Strong leadership and people-management skills, with a track record of developing and motivating a small team.
  • Pragmatic, risk-based mindset that balances security with business enablement, usability, and cost.
  • Highly organised, self-motivated, and comfortable working autonomously within a fully remote, international team.
  • Collaborative and influential, able to embed a strong security culture across the whole organisation.
  • Relevant professional certification is desirable (e.g. CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor).
  • Experience managing internal IT operations and a small IT support team, onboarding/offboarding, account lifecycle, device provisioning, and SaaS administration is desirable.

Benefits

  • You must be based in Bucharest, Romania for this role; however, you can work remotely from this location.
  • Flexible PTO - We offer 25 days of paid holiday per year + 3 Public Holidays.
  • We celebrate special occasions with you - like your birthday! Additional PTO for all employees on their birthdays.
  • Receive Competitive Pay - Our team makes sure to provide a highly competitive rate based on your skills and location.
  • Work with a diverse, international team.

More Security Engineer Jobs

Full Time | Remote | Team 11-50 | H1B No Sponsor

  • Lead Cloud & AI Security Strategy: Own and execute the strategic vision, roadmap, and operating model for Ascension's Cloud Security and AI Security programs under the Senior Director, driving secure adoption of cloud and AI technologies through risk-based priorities, measurable outcomes, and alignment with enterprise objectives.
  • Build and Develop High-Performing Teams: Lead, coach, and inspire Cloud Security and AI Security teams while establishing scalable operating models, conducting capacity and workforce planning, optimizing team processes, and fostering a culture of accountability, collaboration, adaptability, and continuous learning.
  • Drive Security Technology Strategy & Program Transformation: Develop and manage the Cloud Security & AI Security technology roadmap, including capability planning, technology evaluation, vendor selection, and oversight of implementations such as CNAPP, AI security controls, and automation capabilities.
  • Advance Secure Cloud & AI Enablement: Partner across technology, architecture, engineering, governance, legal, and business teams to establish security standards, risk management practices, and control requirements that enable innovation while protecting Ascension's cloud environments and AI solutions.
  • Measure, Communicate, and Advance Security Outcomes: Establish program metrics, key performance indicators, executive reporting, and strategic points of view to communicate risk, security posture, priorities, and program value. Develop and deliver presentations to senior management to support decision-making and drive alignment across the enterprise.

United States
$138.3K - $195.2K / year

C2C Security Architect

Ellit Groups

Putting patients at the heart of healthcare digital transformation enabled by information technology.

Contract | Remote | Team 51-200 | Since 2019 | H1B No Sponsor

  • Act as a subject matter expert in enterprise security architecture, risk management, and compliance frameworks.
  • Perform security risk reviews across applications, infrastructure, and enterprise systems, identifying vulnerabilities and recommending mitigation strategies.
  • Support AI adoption initiatives within security risk assessment processes.
  • Translate business, regulatory, and clinical security requirements into technical security control specifications.
  • Design, implement, and evaluate security architecture frameworks and controls across enterprise platforms.
  • Lead and support security architecture solutioning during pre-implementation and system design phases.
  • Conduct application and infrastructure vulnerability assessments, including identification of gaps and remediation recommendations.
  • Develop and maintain security metrics, reporting dashboards, and performance indicators for ongoing risk monitoring.
  • Ensure alignment of security architecture with enterprise standards and regulatory requirements.
  • Collaborate with enterprise architecture teams to ensure alignment between business objectives, technical architecture, and security controls.
  • Partner with security engineering teams to implement secure configurations and enforce security policies.
  • Design and validate identity and access management (IAM) controls.
  • Evaluate and strengthen network security architecture.

United States

Security Support Specialist

Coalition, Inc.

Coalition is the world's first Active Insurance provider designed to help prevent digital risk before it strikes. Founded in 2017, Coalition combines comprehensive insurance coverage and innovative cybersecurity tools to help businesses manage and mitigate potential cyberattacks. Work at Coalition is centered on the joint mission to Protect the Unprotected. We have built a remote-first, highly inclusive culture that welcomes people from diverse backgrounds. We trust each other to take responsibility, share ownership of outcomes, and put in the work together to protect businesses from digital risk. Coalition’s exceptional growth stems from its ability to address real-world problems for organizations of all sizes while remaining true to our founding values of character, humility, responsibility, purpose, authenticity, and inclusion.

Full Time | Remote | Team 501-1,000

Role Description

In the Senior Security Support Analyst role, your mandate is to assist our policyholders in understanding how to use Coalition’s provided security tools in order to improve their risk posture and reduce the likelihood of a cyber attack and subsequent claim. Our Security Support Center provides world-class support to Coalition's 100,000+ policyholder base.

  • Help policyholders navigate our security products, tailoring messaging to their technical proficiency.
  • Explain how to address critical security findings and why addressing those findings reduces risk.
  • Work closely with product and engineering teams to codify security best practices into underwriting algorithms, rating models, and risk management apps.
  • Lead team initiatives, handle complex cases and projects, and act as a subject-matter expert (SME).
  • Demonstrate high throughput in handling case workload alongside your team.

Responsibilities

Risk Assessment & Customer Advisory

  • Independently review and analyze the security posture of insureds and prospective insureds.
  • Evaluate customer security programs, technologies, controls, and business environments.
  • Advise technical and non-technical stakeholders on security architecture and cloud security.
  • Assess and quantify security risk to enable underwriting and project leadership decisions.

Technical Support

  • Provide technical support for Coalition’s security products via ticketing system and scheduled calls.
  • Become a Subject Matter Expert on security products and guide users on leveraging product capabilities.

Security Leadership

  • Participate in the Claims Feedback Loop (CFL) process to identify missing domains and recommend improvements.
  • Participate in Zero Day Alert Outreach activities to notify policyholders about emerging threats.
  • Assess and interpret scanning and security finding data for organizations of all sizes.
  • Identify deficiencies in external scanning data and recommend improvements.

Process, Product, Communication, Leadership, and Culture

  • Create, maintain, and enhance team documentation, runbooks, and knowledge bases.
  • Lead team initiatives and projects related to toolset enhancement and process changes.
  • Represent Coalition as an expert to policyholder security leaders.
  • Mentor peers and contribute to team and department goals.

Qualifications

  • 4+ years of hands-on security analysis, security engineering, incident response, or related experience.
  • Demonstrated understanding of the lifecycle of network threats and attack vectors.
  • Proven ability to assess and quantify security risk for complex organizations.
  • Experience advising technical stakeholders and tailoring recommendations.
  • Experience with security support tooling (e.g., vulnerability scanners, SIEM).
  • Strong interpersonal communication skills, both verbal and written.
  • Self-motivated and comfortable working in a fast-paced environment.
  • Bachelor’s degree in Computer Science, Information Security, Engineering, or related field.

Bonus Points

  • Experience with offensive and assessment tools such as Nmap, Nessus, and Metasploit.
  • Experience securing cloud-based platforms (AWS, Azure, GCP).
  • Programming or scripting experience (e.g., Python, Go, Bash).
  • Experience with SCADA / industrial control systems (ICS) networks.
  • Prior experience in cyber insurance or security consulting for insurers.

Compensation

As a remote-first organization, our compensation reflects the cost of labor across several Canadian geographic markets.

  • In Alberta, British Columbia & Ontario: $118,600/year up to $150,000/year.
  • For all other locations: $106,700/year up to $133,425/year.

Perks

  • 100% medical, dental, and vision coverage.
  • Flexible PTO.
  • Annual home office stipend and WeWork access.
  • Mental & physical health wellness programs.
  • Competitive compensation and opportunity for advancement.

Canada
C$106.7K - C$150K / year

Senior Technical Program Manager – Security

OpenAI

Creating safe AGI that benefits all of humanity.

Full Time | Remote | Team 201-500 | Since 2015 | H1B Sponsor

  • Drive execution of critical security and compliance programs such as vulnerability management, merger and acquisition security and integration, infrastructure hardening, and datacenter security management
  • Partner with IT, Infrastructure, Application, Legal, Privacy, and Security teams to build scalable programs, and deliver critical security outcomes across multiple disciplines
  • Establish scalable frameworks and build programs around critical security initiatives including vulnerability management, evidence collection, incident response coordination, supply chain risk management, and device security
  • Track and enforce OpenAI’s privacy and security requirements by translating commitments into engineering milestones and driving their full implementation across systems
  • Create and maintain program-level visibility across risk areas, security milestones, and cross-org dependencies

All locations: California | District Of Columbia | New York | Washington
$165.4K - $285K / year