Role Description In the Senior Security Support Analyst role, your mandate is to assist our policyholders in understanding how to use Coalition’s provided security tools in order to improve their risk posture and reduce the likelihood of a cyber attack and subsequent claim. Our Security Support Center provides world-class support to Coalition's 100,000+ policyholder base. - Help policyholders navigate our security products, tailoring messaging to their technical proficiency. - Explain how to address critical security findings and why addressing those findings reduces risk. - Work closely with product and engineering teams to codify security best practices into underwriting algorithms, rating models, and risk management apps. - Lead team initiatives, handle complex cases and projects, and act as a subject-matter expert (SME). - Demonstrate high throughput in handling case workload alongside your team. Responsibilities - Risk Assessment & Customer Advisory - Independently review and analyze the security posture of insureds and prospective insureds. - Evaluate customer security programs, technologies, controls, and business environments. - Advise technical and non-technical stakeholders on security architecture and cloud security. - Assess and quantify security risk to enable underwriting and project leadership decisions. - Technical Support - Provide technical support for Coalition’s security products via ticketing system and scheduled calls. - Become a Subject Matter Expert on security products and guide users on leveraging product capabilities. - Security Leadership - Participate in the Claims Feedback Loop (CFL) process to identify missing domains and recommend improvements. - Participate in Zero Day Alert Outreach activities to notify policyholders about emerging threats. - Assess and interpret scanning and security finding data for organizations of all sizes. - Identify deficiencies in external scanning data and recommend improvements. - Process, Product, Communication, Leadership, and Culture - Create, maintain, and enhance team documentation, runbooks, and knowledge bases. - Lead team initiatives and projects related to toolset enhancement and process changes. - Represent Coalition as an expert to policyholder security leaders. - Mentor peers and contribute to team and department goals. Qualifications - 4+ years of hands-on security analysis, security engineering, incident response, or related experience. - Demonstrated understanding of the lifecycle of network threats and attack vectors. - Proven ability to assess and quantify security risk for complex organizations. - Experience advising technical stakeholders and tailoring recommendations. - Experience with security support tooling (e.g., vulnerability scanners, SIEM). - Strong interpersonal communication skills, both verbal and written. - Self-motivated and comfortable working in a fast-paced environment. - Bachelor’s degree in Computer Science, Information Security, Engineering, or related field. Bonus Points - Experience with offensive and assessment tools such as Nmap, Nessus, and Metasploit. - Experience securing cloud-based platforms (AWS, Azure, GCP). - Programming or scripting experience (e.g., Python, Go, Bash). - Experience with SCADA / industrial control systems (ICS) networks. - Prior experience in cyber insurance or security consulting for insurers. Compensation As a remote-first organization, our compensation reflects the cost of labor across several Canadian geographic markets. - In Alberta, British Columbia & Ontario: $118,600/year up to $150,000/year. - For all other locations: $106,700/year up to $133,425/year. Perks - 100% medical, dental, and vision coverage. - Flexible PTO. - Annual home office stipend and WeWork access. - Mental & physical health wellness programs. - Competitive compensation and opportunity for advancement.

• Drive execution of critical security and compliance programs such as vulnerability management, merger and acquisition security and integration, infrastructure hardening, and datacenter security management • Partner with IT, Infrastructure, Application, Legal, Privacy, and Security teams to build scalable programs, and deliver critical security outcomes across multiple disciplines • Establish scalable frameworks and build programs around critical security initiatives including vulnerability management, evidence collection, incident response coordination, supply chain risk management, and device security • Track and enforce OpenAI’s privacy and security requirements by translating commitments into engineering milestones and driving their full implementation across systems • Create and maintain program-level visibility across risk areas, security milestones, and cross-org dependencies

• Deploy, configure and maintain security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus and endpoint security software • Monitor the performance and effectiveness of security tools and systems • Troubleshoot security-related issues and implement appropriate solutions • Assist in responding to security incidents and breaches by providing technical expertise and support • Coordinate with system administrators and vendors to ensure timely deployment of security patches and updates • Assist in answering information security questionnaires and various requests for information about IT information security

• Advance Firefox's security architecture and cryptography stack: Contribute to improvements in Firefox's core security systems, with a focus on cryptographic protocols, WebPKI, and security-sensitive web APIs. Help implement and maintain security features that support the evolution of public key infrastructure on the web. • Design and implement web platform security features: Develop and ship web platform features in collaboration with teammates and the broader web community. Contribute to standards-based, secure, and interoperable implementations across Firefox. • Improve browser reliability, performance, and resource efficiency: Investigate and resolve issues impacting stability, correctness, and performance. Analyze and improve memory usage and efficiency within a complex, multi-threaded browser environment. • Collaborate on security initiatives: Partner with engineers across teams to identify, prioritize, and address security issues. Participate in debugging, root cause analysis, and implementation of effective long-term solutions. • Contribute to technical design and planning: Participate in technical discussions, design reviews, and project planning for security-related initiatives. Help evaluate tradeoffs and contribute to engineering decisions within your area of work.