- Own the information security policy framework and its alignment with NIST CSF, NIST SP 800-53, and regulatory requirements.
- Lead IT risk management activities and conduct vendor security risk assessments.
- Own IT General Controls for SOX compliance readiness and coordinate with external auditors.
- Manage the managed security service provider ecosystem (SentinelOne, Huntress, Zscaler).
- Serve as the primary technical incident coordinator.
- Design and enforce identity and access management controls in Microsoft Entra ID.
- Execute security awareness and training programs.

Risk Management