- Develop and execute the company's information security strategy and scalable security roadmap.
- Conduct enterprise-wide cybersecurity risk assessments across infrastructure, endpoints, applications, and processes.
- Oversee the incident response program, including playbooks, tabletop exercises, and post-incident reviews.
- Lead compliance initiatives such as SOC 2 Type II and manage customer security questionnaires.
- Manage device security policies and endpoint protection using MDM software like Kandji.
- Build and manage company-wide security awareness and phishing training programs.
- Partner with department leaders to integrate security into business operations and decision-making.