• Define and execute HavocAI’s port security GTM strategy across both commercial and government customers. • Identify priority accounts across commercial port authorities and terminal operators and federal maritime security stakeholders. • Develop repeatable playbooks for pilots, deployments, and expansion across varied procurement pathways. • Build and manage a robust pipeline within the port security domain. • Carry direct responsibility for pipeline development, opportunity advancement, and revenue growth within the port security vertical. • Lead commercial sales engagements and support government capture efforts. • Partner with marketing to produce specific materials on port security. • Engage directly with port directors, harbor masters, security chiefs, and government maritime leaders.

• Assist in developing playbooks, workflows, and implementation roadmaps to mature the Insider Threat operational support program. • Administer and optimize the Insider Risk toolset, specifically DLP, UEBA, SIEM, and Microsoft Defender/Entra/Purview. • Develop and maintain a convergence model to reduce risk to personnel and assets across regional operating divisions. • Lead and assist in the investigation of all incidents involving potential insider threats. • Coordinate with business and technology leaders to develop programmatic solutions and deliver high-level presentations on findings. • Implement federal government and industry standards regarding insider threat programs and maintain programmatic gap analyses.

This position is for a Senior Counsel - REMOTE, where you will join a dynamic Legal and Compliance department, providing high-caliber legal advice to internal stakeholders. Support business units across the company with diverse legal needs. Develop and improve processes for the Legal and Compliance Department. Ensure that legal obligations are met and the company is fully protected. Identify and propose solutions to complex legal challenges. Navigate data privacy legislation to keep policies up-to-date.

• FedRAMP Ownership: Own the entire process for maintaining and managing FedRAMP/GovRamp authorizations, including control implementation, documentation (e.g., System Security Plan - SSP), continuous monitoring, and annual audits (A&A). • Audit Management: Serve as the primary point of contact for all external security and compliance audits (including SOC 2 Type II), coordinating efforts between auditors, legal counsel, and technical teams to ensure successful outcomes and high-quality evidence collection. • Compliance Program Management: Design, implement, and lead the corporate security compliance program, ensuring adherence to the specific controls required by all key frameworks. • Security-by-Design Review: Collaborate closely with the Product Management and Engineering teams, reviewing product roadmaps, features, and architectures to ensure security and government compliance (especially FedRAMP/GovRamp controls) are integrated from the initial design phase (Security-by-Design). • Product Requirements Translation: Translate complex regulatory and certification controls into clear, actionable technical requirements and user stories for product development teams. • Risk Mitigation: Conduct risk assessments on product features, third-party integrations, and new technologies to proactively identify and mitigate compliance and security risks before product launch. • Contractual Review: Support the Legal Team by critically reviewing and negotiating security and privacy clauses in customer contracts, RFPs, vendor agreements, and data processing addendums (DPAs), specifically pertaining to government and regulated clients. • Policy & Training: Develop, document, and enforce comprehensive security, privacy, and data governance policies. Conduct targeted training for teams involved in government-facing products. • Executive Reporting: Provide regular, executive-level reports to the Chief Legal Counsel on the status of compliance efforts, identified risks, and strategic security posture.