• Own and execute our strategy for how we approach ATOs across our customers. • Lead the end-to-end ATO process for IL-6 (SIPR) and IL-7(JWICS) environments, through full authorization and follow-on compliance. • Own RMF (Risk Management Framework) documentation and control implementation across multiple simultaneous ATOs • Work with 3PAOs and federal government AOs to achieve compliance certifications and reports • Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures • Serve as a liaison between system owners and other security personnel, ensuring that selected security controls are effectively implemented and maintained throughout the lifecycle of projects • Interface directly with government ISSMs, AOs, and security stakeholders to manage authorization packages and navigate accreditation tools (XACTA, eMASS) • Design and implement role-based access controls, data classification frameworks, and audit logging capabilities for classified environments • Architect solutions for handling TS/SCI data with proper controls and separation that meet DoD requirements • Ensure compliance with DISA STIGs, SRGs, NIST 800-53, and DoD hardening standards • Build scalable systems and processes for managing ATOs across different customers and sponsors • Coordinate with platform engineering teams on security roadmap priorities and technical implementation • Manage relationships with government sponsors and identify opportunities to parallel-path authorization efforts • Work closely with mission engineering teams deploying to classified environments and partner with compliance engineering on FedRAMP and CMMC efforts • Brief executive leadership on ATO status, risks, and strategic decisions

• Build and lead the local compliance and financial crime programme for Payward Brasil. • Ensure effectiveness of the firm’s AML/CTF/CPF and sanctions control framework. • Act as the designated MLRO/reporting officer responsible for managing internal escalations. • Own and continuously improve Payward Brasil’s compliance framework and local risk-based approach. • Oversee Brazil customer lifecycle controls including onboarding, CDD/EDD, and ongoing monitoring. • Drive vendor performance and escalation, ensuring outcomes meet expectations. • Own internal STR decisioning and external reporting to COAF, including maintenance of logs and confidentiality controls. • Be the local compliance interface for relevant authorities and examinations/audits.

• Lead and support IT risk and compliance assessments, evaluating inherent, residual, and emerging risks across technology domains • Identify, assess, document, and communicate IT risks in a clear and actionable manner to both technical and non‑technical stakeholders • Evaluate existing controls and safeguards, considering effectiveness, likelihood, and impact to inform risk decisions • Partner with technology, security, and business teams to support risk remediation planning and risk acceptance decisions • Contribute to the development, refinement, and documentation of risk assessment workflows, processes, and methodologies • Support alignment of IT risk practices with internal policies, standards, and external regulatory or industry frameworks • Assist with ongoing improvements to IT risk governance processes, tools, and reporting • Collaborate effectively within a distributed team across multiple time zones, fostering strong working relationships.

• Developing and executing regulatory strategies for new and modified medical devices in line with business objectives • Manage regulatory associates as needed, responsible for team’s work planning, guidance, execution and talent development • Lead FDA submissions (510(k) or pre-submissions) with the team, including wearable devices, as well as artificial intelligence (AI) Software as a Medical Device (SaMD) products • Key Regulatory SME and review & approve advertising and promotional materials to ensure regulatory compliance • Regulatory strategy and processes for product life cycle management • Lead EU MDR Technical Documentation and other international submissions for both wearable devices and SaMD • Developing regulatory tools and matrices to enhance team efficiency and capabilities as needed • Lead regulatory expert in AI, SaMD, Cybersecurity, collaborating with stakeholders establishing necessary processes to ensure regulation compliance • Preparing international and domestic regulatory filings/registrations in line with established project timelines • Interacting with regulatory authorities during the development and review process to ensure submission clearance • Review and approve product design changes to maintain regulatory compliance for significant changes • Author or revise SOPs to improve regulatory compliance within the Quality System • Monitoring the impact of changing global regulations on submission strategies & registrations • Support external and internal audits • Perform other regulatory-related duties as assigned.