• Design and implement secure cloud architecture patterns • Establish guardrails for AWS accounts and services • Strengthen multi-account strategy and segmentation • Improve IAM design, permission boundaries, and least-privilege models • Review major infrastructure changes for security impact • Implement and tune cloud-native detection capabilities • Integrate AWS security services into centralized monitoring • Identify misconfigurations and excessive permissions • Improve signal-to-noise ratio in cloud alerts • Embed security controls into Terraform or other IaC workflows • Enforce policy-as-code guardrails • Ensure IaC scanning is integrated into CI/CD pipelines • Reduce configuration drift across environments • Oversee cloud misconfiguration detection and remediation • Track infrastructure vulnerability exposure • Reduce critical vulnerability exposure window • Partner with Platform teams to automate remediation • Ensure proper encryption standards across storage and databases • Manage KMS usage and key lifecycle best practices • Strengthen logging and monitoring coverage • Lead cloud-focused investigations during security incidents • Improve forensic readiness in AWS • Harden logging and evidence retention practices • Automate guardrails and enforcement mechanisms • Improve developer experience with secure cloud defaults • Reduce manual cloud security reviews • Optimizing tooling cost and effectiveness • Define KPIs for cloud security posture • Report on misconfiguration trends and exposure windows • Provide executive-level reporting on infrastructure risk • Support audit and compliance evidence collection

• Engaging in mitigation techniques to prevent vector attacks • Analysing customer traffic, applications and systems to tailor our security solutions and answer customers security needs • Managing and documenting technical issues, responses and requests to ensure information is recorded and updated • Providing support to customers to remedy and resolve network and connectivity issues • Communicating with customers regarding challenges and providing updates and results on your mitigation and analysis

• Administer, configure, manage, patch, upgrade, design, and optimize network and host-based security tools and systems • Evaluate, install, configure, test, and update network and host-based security systems and hardware • Develop network and host-based security systems and security operation center knowledge base articles, how-to documents, standard operating procedures, and policies • Develop scripts or code to automate operations, administration, maintenance, or analysis of data and systems • Develop, document, and review secure baseline configurations for each technology used within the environment • Assist in determining authorization boundaries and placement of new systems within the Agency’s enterprise architecture • Support the development of new systems, and modernization of legacy systems that are in line with Security and Enterprise Architecture requirements • Design, develop, and maintain detailed security drawings • Develop alternative system designs and architectures • Develop and document Solution Architecture Models, Threat Models, and CONOPS Security Operations • Perform security impact analyses for proposed changes to assigned systems • Review IT system plans to ensure designs meet governmental standards and provide an appropriate level of protection for client systems and data • Conduct gap analysis of system requirements and components

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks. • Troubleshooting security and network problems. • Responding to all system and/or network security breaches. • Ensuring that the organization's data and infrastructure are protected by enabling the appropriate security controls. • Participating in the change management process. • Testing and identifying network and system vulnerabilities. • Daily administrative tasks, reporting, and communication with the relevant departments in the organization.