• Building strong detection foundations and response frameworks to advance HubSpot’s security posture. • Driving the development of automated detection systems and prioritizing mitigations based on current threats and coverage gaps. • Partnering closely with engineering teams to supply data for purple team exercises and implement practical solutions that mitigate risks. • Guiding architectural decisions for our corporate security logging infrastructure and SIEM. • Contributing code to security automations, reviewing designs for detection reliability, and providing technical mentorship to engineers. • Acting as a key point of contact for threat intelligence and incident response expertise. • Supporting incident response efforts by aiding in investigations and understanding bad actor behaviors.

• Lead our security engineering and compliance initiatives • Conduct security assessments and penetration tests • Implement and maintain security controls for cloud infrastructure • Design, build, and maintain DevSecOps pipelines • Perform security code reviews • Implement robust security guardrails for AI systems • Own and maintain SOC2 Type 2, ISO 27001, and HIPAA compliance programs • Coordinate with engineering and product teams for security integration • Manage relationships with security vendors and external auditors • Conduct security training sessions and mentorship for developers • Oversee incident response processes and communications during security events. • Report to Head of Engineering on security posture and risk assessments. • Update security policies and procedures.

The Safety Director is responsible for implementing the QE Solar Health and Safety program. The Safety Director will assist with planning and implementation of the QE Solar Health and Safety program to ensure a safe, healthy and accident-free work environment. The Safety Director supports QE Solar operations in ensuring all QE staff conduct operations in a safe manner for the protection of our employees, clients, subcontractors and the general public. The Safety Director ensures compliance with all applicable federal, state, county, and local safety related regulations. The Safety Director demonstrates strong leadership skills, works well in a team environment, has excellent communication skills and strives to enrich QE Solar Safety Culture. Up to 50% Travel Essential Job Functions & Responsibilities Risk Management Works closely with Safety Managers to cultivate QE Solar Safety culture. Provide health and safety leadership and direction to all QE staff. Serve as a contact on Health and Safety issues. Provide recommendations and assistance, along with QE Solar Field Operations Managers with respect to job site hazards, employee training, new/safe equipment operation and safe material or substance utilization. Ensure compliance with corporate worker’s compensation program including working with internal personnel and third-party administrators/legal counsel, to effectively investigate and resolve claims in an expeditious and cost-effective manner. Responsible for establishing and maintaining positive working relationships with QE Solar Clients, Site Health and Safety Managers, Managers, local representatives and subcontractors. Create, manage, and review site specific health and safety plans (HASP). Appraise and implement new safety policies and procedures as they relate to QE Solar operations. Ensure that all QE staff are adequately trained in emergency response plan procedures. Work as the internal incident manager, ensuring that safety emergencies and injuries are properly managed. Ensure HASP safety orientation for all new QE Solar staff and client personnel as applicable. Assist in the preparation of new work proposals as solicitations relate to corporate Health and Safety objectives. Review subcontractor safety programs, ensure that subcontractor programs are compliant with QE Solar, OSHA and NFPA requirements. Participate in Monthly Safety meetings with field personnel. Conduct safety audits, audits will include a brief summary report noting any deviations from the HASP and corrective actions that may be necessary to promote the health and safety of workers and the public. Training Assist with development and presenting programs to train managers and employees in work site safety practices, safe equipment operating techniques and fire prevention for job sites and office. Facilitate employee training in First aid and CPR. Maintain training records in the employee files. Ensure new employees receive safety instructions prior to beginning work. Emphasize any specific site hazards and thoroughly explain all applicable precautions. Provide training and education to all levels of staff, as required, by Federal and State safety regulations. Compliance Assist with Risk management planning, safety policies and procedures in compliance with all federal, state, county and local rules and regulations, for both field and office operations, to maximize a safe working environment. Act as a contact for any federal, state or municipal safety or risk management authority and/or personnel, including, but not limited to OSHA. Manage and oversee motor vehicle fleet safety program and conduct driver background investigations to qualify authorized drivers. Maintain third-party qualification sites: ISNetworld and Avetta. Support Represent QE Solar in community or industry safety groups and programs. Maintain a work atmosphere by acting and communicating in a manner to ensure positive relationships with clients, subcontractors, co-workers and management. Frequently communicate with company Managers to keep them apprised of pertinent issues. Audit Prepare a study and analysis of industrial accident causes and hazards to health for use by company personnel and outside agencies. Make recommendations to resolve any deficiencies. Access means and methods for preventing and reducing claim costs. Research and manage ways to reduce the net premium paid by improving the experience modifier. Record and compile data, update logs, monitor equipment and schedule maintenance. Knowledge OSHA General Industry standards, ANSI guidance for Health and Safety programs, NFPA 70E-2024 Worker’s Compensation Regulations Skills Honest, Genuine, Trustworthy, Leader, Forward Thinker- ability to plan, Good Listener and communicator, Desire to learn and use technology, Organized and detail oriented, Problem solver, Respectful, Maintain Confidentiality, Passionate, Strong work ethic. Abilities Physical Requirements Ability to lift 25/50 pounds regularly Ability to move safely over uneven terrain Ability to sit or drive for prolonged periods Ability to work in extreme weather Working Conditions Ability to work in and all-weather conditions Required Education Bachelor’s degree in safety management, Occupational health or other STEM field. Preferred Education Certified Safety Professional (CSP) is preferred, however not required. Required Experience Prefer a minimum of 7-10 years safety related experience with Mobile workforce, strong understanding of NFPA 70E and OSHA Electrical Safety regulations. General Industry and Construction Health and Safety Knowledge- desirable to have completed OSHA 30- hour courses in General Industry and Construction Safety. Required Certifications, Licensures, Etc. CPR/First Aid certification including Instructor. EM 385-1-1 40-hour certification and EM 385-1-1 Competent Person for Fall Protection. MUST POSSESS A VALID DRIVER LICENSE Workplace Type: Remote Salary Range: $110,000 - $130,000 per year Employment Type: Full-time Location: Remote Statement to all Third-Party Agencies and Similar Organizations: QE Solar accepts resumes only from contracted recruiting agencies with formal service agreements. Please do not send unsolicited resumes or outreach emails to our QE Solar employees, hiring managers, or team members without expressed consent or contract for services. QE Solar is not responsible for any fees or charges associated with unsolicited resumes or services.

About the role The Director of Information Technology is hands on to lead and scale our IT, security, cloud, and infrastructure capabilities as we continue to grow as a SaaS health technology company. This role is critical to ensuring the reliability, security, and compliance of our platforms while enabling productivity across the organization. You will be responsible for corporate IT operations, cloud infrastructure, and DevOps practices, networking, and information security. The ideal candidate blends strong technical depth with strategic leadership, operational excellence, and a security-first mindset appropriate for regulated healthcare environments. What you'll do IT & Infrastructure Management - Own and operate corporate IT systems including endpoint management, identity and access management, collaboration tools, and internal applications. - Design, implement, and maintain scalable, secure, and reliable cloud infrastructure leveraging AWS, Entra, and or cloud native platforms. - Oversee networking architecture including VPNs, firewalls, segmentation, and connectivity between cloud and corporate environments. - Establish IT standards, policies, and procedures to support a growing, distributed workforce. - Automation: Foster a culture of Infrastructure as Code (IaC) using tools like Terraform and Ansible to eliminate manual bottlenecks. Security Compliance - Lead the company’s information security program, including policies, risk management, incident response, and security operations. - Ensure compliance with applicable regulatory and industry standards such as HIPAA, SOC 2, ISO 13485, and other customer or partner requirements. - Partner with Compliance and Engineering teams to support audits, risk assessments, and vendor security reviews. - Drive security awareness and training across the organization. DevOps & Cloud Engineering - Lead DevOps strategy including CI/CD pipelines, infrastructure as code, monitoring, logging, and reliability practices. - Partner closely with Engineering to improve system availability, performance, scalability, and cost optimization. - Establish and track SLOs, SLAs, and operational metrics for production systems. - Own disaster recovery, business continuity, backup, and resiliency planning Team Leadership & Cross-Functional Collaboration - Build, mentor, and manage a high-performing team across IT operations, cloud engineering, and security. - Serve as a trusted partner to Engineering, Product, Finance, and Operations leaders. - Manage vendors and service providers, including MSPs, security tools, and cloud partners. - Support due diligence and integration activities related to customer security reviews, partnerships, or acquisitions. Strategy & Planning - Develop and execute an IT and infrastructure roadmap aligned with company growth and business objectives. - Own budgeting, forecasting, and cost management for IT, security, and cloud infrastructure. - Evaluate and implement tools and technologies that improve efficiency, security, and scalability. Qualifications - Bachelor’s degree in a relevant field such as Computer Science, Information Technology, Management Information Systems, Engineering, or a related technology discipline. - 8–12+ years of experience in IT, infrastructure, cloud engineering or DevOps, with at least 5 years in a leadership role. - Strong experience operating SaaS platforms in cloud environments preferably AWS. - Demonstrated ownership of security and compliance programs in regulated environments (healthcare strongly preferred). - Hands-on knowledge of: 1) Identity and access management (SSO, MFA, RBAC) 2) Cloud networking and security architecture 3) CI/CD pipelines and infrastructure as code (Terraform, CloudFormation, etc.) 4) Endpoint management and corporate IT tooling - Proven ability to scale systems and processes in a growing organization. Preferred: - Experience in health tech, medical devices, or regulated SaaS environments. - Familiarity with HIPAA, SOC 2 Type II, ISO 13485, or similar frameworks. - Experience supporting remote-first or distributed teams. - Strong vendor management and audit support experience. Leadership Competencies: - Security-first and risk-aware mindset - Strong operational discipline and attention to detail - Clear communicator who can translate technical concepts for non-technical stakeholders - Pragmatic, hands-on leader who balances speed with reliability and compliance - Collaborative partner with a customer- and employee-centric approach