• own all security outcomes: infrastructure, compliance, external programs, and internal security • drive execution and hold an extremely high bar for our security posture • hands-on role, independently build these programs from scratch • own SOC2 and data privacy compliance (audits, GDPR, CCPA) • own infrastructure security (AWS, Vercel, Cloudflare, PlanetScale - secrets, access controls, monitoring) • own security incident response (detection, triage, remediation, post-mortems) • own external security programs (bug bounty, pen tests, threat monitoring) • own internal security (IT vendor, device security, office security, training) • first line of escalation for all security issues

• Work directly with engineering teams as the main point of contact for product security. • Conduct formal TARA (ISO/SAE 21434) to define security requirements for vehicle ECUs and autonomous stacks. • Develop data integrity standards for CAN and Automotive Ethernet to block injection and spoofing attacks. • Perform threat modeling for new infrastructure to identify vulnerabilities in fleet management and diagnostic tools. • Specify automated security testing requirements, including protocol fuzzing, for the software build pipeline. • Translate high-level security goals into actionable engineering specifications alongside senior architects. • Design Hardware Security Module (HSM) integrations to establish a hardware-rooted Chain of Trust. • Architect secure boot and OTA update mechanisms using cryptographic signing to prevent unauthorized code execution. • Design secure truck-to-cloud interfaces utilizing end-to-end encryption and robust mutual authentication.

• Work directly with engineering teams as the main point of contact for product security. • Conduct formal TARA (ISO/SAE 21434) to define security requirements for vehicle ECUs and autonomous stacks. • Develop data integrity standards for CAN and Automotive Ethernet to block injection and spoofing attacks. • Perform threat modeling for new infrastructure to identify vulnerabilities in fleet management and diagnostic tools. • Specify automated security testing requirements, including protocol fuzzing, for the software build pipeline. • Translate high-level security goals into actionable engineering specifications alongside senior architects. • Design Hardware Security Module (HSM) integrations to establish a hardware-rooted Chain of Trust. • Architect secure boot and OTA update mechanisms using cryptographic signing to prevent unauthorized code execution. • Design secure truck-to-cloud interfaces utilizing end-to-end encryption and robust mutual authentication.

• Implement essential security projects. • Help maintain a Vulnerability Management program. • Help define and evangelize requirements and guidance for security best practices. • Participate in security incident management, evaluation, assessment, and testing for vulnerabilities across web and mobile applications as well as cloud infrastructure and internal networks. • Provide information and vulnerability notices to the team from Threat Hunting. • Collaborate with product and engineering teams to improve security visibility, monitoring, hardening, and operational response. • Manage and configure security controls on endpoint solutions such as GSuite, SSO, Data Loss Prevention, and firewalls. • Routinely manage engagements such as tabletop, red team exercises, or bug bounties.