1. Lead the system-wide cybersecurity compliance program, ensuring IT activities, processes, and procedures meet regulatory and industrial requirements.

2. Develop and implement effective policies and practices to safeguard digital assets and prevent unauthorized access.

3. Recommend process improvement and technical directions in matters relating to program maturity, incident investigation, threat management, and control assessment.

4. Organize the collection of data from required security artifacts and questionnaires for industry framework and other related industrial and cybersecurity standards and mapping this to the company control portfolio.

5. Build and maintain cybersecurity metrics for all levels of management focused on trending and tracking reports to demonstrate compliance and improve resilience.

6. Analyze risk associated with technology stack and supply chain and work with business leaders to proactively manage exceptions.

7. Develop program strategies to improve cyber hygiene and address awareness and training for all stakeholders.

8. Perform security review in technology products and solutions (including security tools and systems), identify gaps in control design and operation, and develop remediation plan.

9. Provide advice and input for IT disaster recovery, contingency, and continuity of operations plans.

10. Define policy and standards for data protection and recovery.

11. Perform access & privilege review for both machine and human accounts.

12. Properly document all systems security implementation, operations, and maintenance activities and update as necessary.

13. Provide input to risk management process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).