• Responsible for leading Civix's enterprise information security program across corporate systems, cloud infrastructure, SaaS products, and customer-facing security initiatives. • Partner closely with Engineering, Product Management, Cloud Operations, Compliance, Customer Success, and Executive Leadership to ensure security is embedded throughout the software development lifecycle. • Own the strategic direction, governance, and operational execution of the company's security program, including compliance initiatives, security operations, product security, security awareness, and incident response. • Lead a team of security professionals while serving as the primary security advisor for customers, auditors, vendors, and executive leadership. • Develop and execute the company's enterprise information security strategy. Establish security policies, standards, procedures, and governance practices. • Build and mentor a high-performing Information Security team.

• Participate in architecture and design reviews across the AMI product stack — metering devices, RF/cellular modules, gateways, cloud pipelines and SaaS portals — providing security guidance from the early stages of the development lifecycle. • Perform threat modeling (STRIDE, PASTA) across the AMI architecture, identifying attack surfaces and trust boundaries from the meter to the cloud. • Support firmware security standards and coordinate security testing of metering hardware, including firmware extraction/analysis and review of supply chain components. • Work with Cloud and DevOps teams to embed security controls into Infrastructure as Code (IaC) templates and CI/CD pipelines. • Execute or coordinate SAST, DAST and SCA testing in the CI/CD pipelines of NTG’s utility management applications and consumer portals. • Assess authentication, authorization and API security in multi-tenant SaaS portals intended for utility administrators, end customers and integration partners. • Serve as the primary point of contact between Security & Compliance and Product Development, ensuring requirements are implemented in practice — not just documented — and supporting evidence collection for audits across firmware, cloud and SaaS. • Provide technical support during product security incidents and post-incident reviews, converting findings into architectural improvements or engineering backlog items.

• Assist in designing and reviewing secure cloud architectures, landing zones, and guardrails in AWS and Azure environments. • Assess and recommend reference architectures and reusable security patterns aligned with standards and the risk posture. • Support the implementation and configuration of native cloud and third-party security controls, including IAM, CSPM, logging, and security posture management. • Assist in translating regulatory and internal security requirements into applicable technical controls within AWS and Azure environments. • Review logs, telemetry, and CSPM tool findings to identify issues that require remediation or architectural adjustments. • Assist in audit preparation by producing architectural artifacts, control evidence, and technical explanations. • Provide technical support during cloud-related security incidents, including scoping, investigation, and containment guidance.

• Provide leadership and oversight for field operations • Ensure personnel safety, operational effectiveness, and compliance with contractual requirements • Foster a positive, professional, and mission-focused work environment • Oversee daily field operations to ensure work is completed accurately, efficiently, and in accordance with contractual requirements • Monitor field workflow to ensure timely and accurate documentation and reporting • Resolve operational issues that arise during daily field activities • Conduct field audits and quality assurance reviews to verify compliance, completeness, and accuracy • Maintain program reference materials, operational documentation, policies, procedures, and project files • Provide guidance to field staff regarding operational procedures, safety protocols, and contractual requirements • Oversee field activities involving address verification, interviews with family members and sponsors, case management support, and wellness checks • Ensure timely identification, documentation, and reporting of sensitive situations, including suspected trafficking, abandonment, neglect, or other safety concerns • Coordinate with leadership to support operational readiness, risk mitigation, and continuous improvement • Perform other duties as assigned • Requires regular field oversight. Travel may be required to support operational needs.