Role Description The Security Engineer - Identity role exists to protect Hallmark’s digital assets and ensure the confidentiality, integrity, and availability of its information systems. This position is crucial in defending against cyber threats, mitigating vulnerabilities, ensuring secure access/authentication, and maintaining compliance with security regulations and industry standards. - Implement robust security measures and respond to security incidents. - Safeguard the company's reputation and operational continuity. - Support Hallmark’s mission by enabling a secure environment for business operations and innovation. Qualifications - Bachelor’s degree or 4 years’ professional work experience. - Experience in security tools and technologies, such as: - Firewalls - Zero trust solutions - Antivirus software - Vulnerability scanning tools - Access management tools - Authentication and authorization tools - Privileged access management tools - Security for various SAP systems - At least 4 years of experience in information security with: - Security operations - Incident response - Threat analysis - Familiarity with security frameworks and standards, such as NIST, ISO 27001, and CIS Controls - Experience handling moderately complex issues and problems. Requirements - Degree in Cybersecurity, Information Security, Computer Science, or a related field. - Certifications such as: - Certified Information Systems Security Professional (CISSP) - Certified Information Security Manager (CISM) - Certified Cloud Security Professional (CCSP) - Offensive Security Certified Professional (OSCP) - Certified Identity and Access Manager (CIAM) - Solid working knowledge of subject matter. - Experience with cloud security platforms (AWS, Azure, Google Cloud) and knowledge of securing cloud environments. - Proficiency in scripting and programming languages such as Python, PowerShell, or Bash for automation and security tool development. - Experience with security information and event management (SIEM) systems, endpoint detection and response (EDR) solutions, and advanced threat protection (ATP) tools. - In-depth understanding of identity and access management processes, including least privileged access. - Deep understanding of access methods such as single sign-on and multi-factor authentication and their use in developing a zero-trust model. - Deep understanding of privileged access management and how it can be used to limit access and risk in the case of a breach. - Understanding of how security works in SAP systems including S/4HANA, HANA, ECC, SCM, CRM, etc. Benefits - Salary range: $100,000 - $110,000. - U.S.-based remote role with access to virtual tools and team support. - Annual merit-based increases aligned with individual and company performance. - Competitive benefits package, including: - Medical, dental, and vision plans - Paid time off - 401K with company match - Profit-sharing

• Perform electrical engineering systems design for building construction • Initiate project designs and help to develop design goals and systems • Participate or lead project teamwork planning sessions • May serve as project manager or project engineering leader and lead engineering meetings • Assume project engineering responsibilities and adhere to financial and work goals • Design lighting, power distribution, signaling, communications and/or telecommunication systems for healthcare, education/higher education and commercial clients per applicable codes • Prepare construction documents including drawings and specifications • Guide less experienced team members in execution of drawings • Specify electrical equipment • Complete quality control checks of engineering documents • Participate or lead value engineering sessions with Architectural/Engineering team • Recommend improvements with reference standards and processes to improve quality, coordination, and to streamline production efforts • Review and markup of shop drawings and submittals • Respond to RFI’s and review of change orders in the preparation of construction documents • Conduct job site visits to verify existing conditions and observe construction progress • Attend and participate in construction meetings • Support the implementation and verification of cyber-informed design principles and operational technology security requirements for critical infrastructure projects • Apply and interpret NIST SP 800-82 guidance and industry best practices when evaluating operational technology systems supporting electrical and MEP infrastructure • Coordinate with clients, facility operators, technology consultants, and engineering teams to identify and mitigate risks associated with connected building systems and operational technology networks • Lead workshops and technical discussions related to facility resiliency, operational continuity, and cyber-informed design strategies • Track and document compliance status, risk assessments, and recommendations through project reports and owner updates • Familiarity with operational technology systems, cyber-informed design principles, NIST SP 800-82, or critical infrastructure security considerations preferred.

• Build bolttech's Product Security program and roadmap from scratch • Own the end-to-end security posture of each product as a complete system • Govern how products are deployed on cloud platforms such as AWS and Azure • Oversee multi-tenant data isolation • Govern privileged and administrative access • Ensure audit-ready logging • Drive the product's compliance and customer-trust posture (certifications, due-diligence, security questionnaires) • Facilitate threat modelling and design reviews from the earliest stages of new products and features • Prioritize remediation with product and engineering owners • Embed security requirements for AI-enabled capabilities alongside the AI Security function • Maintain a Group-wide view of risks and findings, collaborating closely with other teams.

• Own the execution and operational management of the Information Security program • Translate security strategy into a structured, measurable program of work • Set the program's operating cadence • Hold initiative owners accountable • Structure initiatives with clear milestones and owners • Run regular tracking and leadership review sessions • Maintain a single source of truth for program status in monday.com • Produce executive-ready reporting and dashboards • Champion AI-powered tools to accelerate reporting and improve program insight quality