• Act as a subject matter expert in enterprise security architecture, risk management, and compliance frameworks. • Perform security risk reviews across applications, infrastructure, and enterprise systems, identifying vulnerabilities and recommending mitigation strategies. • Support AI adoption initiatives within security risk assessment processes. • Translate business, regulatory, and clinical security requirements into technical security control specifications. • Design, implement, and evaluate security architecture frameworks and controls across enterprise platforms. • Lead and support security architecture solutioning during pre-implementation and system design phases. • Conduct application and infrastructure vulnerability assessments, including identification of gaps and remediation recommendations. • Develop and maintain security metrics, reporting dashboards, and performance indicators for ongoing risk monitoring. • Ensure alignment of security architecture with enterprise standards and regulatory requirements. • Collaborate with enterprise architecture teams to ensure alignment between business objectives, technical architecture, and security controls. • Partner with security engineering teams to implement secure configurations and enforce security policies. • Design and validate identity and access management (IAM) controls. • Evaluate and strengthen network security architecture.

Role Description In the Senior Security Support Analyst role, your mandate is to assist our policyholders in understanding how to use Coalition’s provided security tools in order to improve their risk posture and reduce the likelihood of a cyber attack and subsequent claim. Our Security Support Center provides world-class support to Coalition's 100,000+ policyholder base. - Help policyholders navigate our security products, tailoring messaging to their technical proficiency. - Explain how to address critical security findings and why addressing those findings reduces risk. - Work closely with product and engineering teams to codify security best practices into underwriting algorithms, rating models, and risk management apps. - Lead team initiatives, handle complex cases and projects, and act as a subject-matter expert (SME). - Demonstrate high throughput in handling case workload alongside your team. Responsibilities - Risk Assessment & Customer Advisory - Independently review and analyze the security posture of insureds and prospective insureds. - Evaluate customer security programs, technologies, controls, and business environments. - Advise technical and non-technical stakeholders on security architecture and cloud security. - Assess and quantify security risk to enable underwriting and project leadership decisions. - Technical Support - Provide technical support for Coalition’s security products via ticketing system and scheduled calls. - Become a Subject Matter Expert on security products and guide users on leveraging product capabilities. - Security Leadership - Participate in the Claims Feedback Loop (CFL) process to identify missing domains and recommend improvements. - Participate in Zero Day Alert Outreach activities to notify policyholders about emerging threats. - Assess and interpret scanning and security finding data for organizations of all sizes. - Identify deficiencies in external scanning data and recommend improvements. - Process, Product, Communication, Leadership, and Culture - Create, maintain, and enhance team documentation, runbooks, and knowledge bases. - Lead team initiatives and projects related to toolset enhancement and process changes. - Represent Coalition as an expert to policyholder security leaders. - Mentor peers and contribute to team and department goals. Qualifications - 4+ years of hands-on security analysis, security engineering, incident response, or related experience. - Demonstrated understanding of the lifecycle of network threats and attack vectors. - Proven ability to assess and quantify security risk for complex organizations. - Experience advising technical stakeholders and tailoring recommendations. - Experience with security support tooling (e.g., vulnerability scanners, SIEM). - Strong interpersonal communication skills, both verbal and written. - Self-motivated and comfortable working in a fast-paced environment. - Bachelor’s degree in Computer Science, Information Security, Engineering, or related field. Bonus Points - Experience with offensive and assessment tools such as Nmap, Nessus, and Metasploit. - Experience securing cloud-based platforms (AWS, Azure, GCP). - Programming or scripting experience (e.g., Python, Go, Bash). - Experience with SCADA / industrial control systems (ICS) networks. - Prior experience in cyber insurance or security consulting for insurers. Compensation As a remote-first organization, our compensation reflects the cost of labor across several Canadian geographic markets. - In Alberta, British Columbia & Ontario: $118,600/year up to $150,000/year. - For all other locations: $106,700/year up to $133,425/year. Perks - 100% medical, dental, and vision coverage. - Flexible PTO. - Annual home office stipend and WeWork access. - Mental & physical health wellness programs. - Competitive compensation and opportunity for advancement.

• Drive execution of critical security and compliance programs such as vulnerability management, merger and acquisition security and integration, infrastructure hardening, and datacenter security management • Partner with IT, Infrastructure, Application, Legal, Privacy, and Security teams to build scalable programs, and deliver critical security outcomes across multiple disciplines • Establish scalable frameworks and build programs around critical security initiatives including vulnerability management, evidence collection, incident response coordination, supply chain risk management, and device security • Track and enforce OpenAI’s privacy and security requirements by translating commitments into engineering milestones and driving their full implementation across systems • Create and maintain program-level visibility across risk areas, security milestones, and cross-org dependencies

• Deploy, configure and maintain security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus and endpoint security software • Monitor the performance and effectiveness of security tools and systems • Troubleshoot security-related issues and implement appropriate solutions • Assist in responding to security incidents and breaches by providing technical expertise and support • Coordinate with system administrators and vendors to ensure timely deployment of security patches and updates • Assist in answering information security questionnaires and various requests for information about IT information security