• Provide support to Project Managers (PM) and Operations Specialists of the Operations Support (OSS) Branch, and other PMs or JISR administrative team on an as-need basis. • Provide support to PMs for Acquisition, Service Now Dashboards, Coordination of meetings, Follow-up of procurements and internal reviews, request new- or extend Reach accounts and laptops for contractors. • Monitor & control non-complex small projects. • Coordinate and participate in multidisciplinary meetings.

• Establish and manage security and privacy governance • Develop a robust framework for information security and data protection • Build a pragmatic ISMS and continuously evolve it • Define guardrails, roles, responsibilities and review mechanisms • Prioritize risks and remediation measures together with management, product and engineering • Develop policies, standards, procedures and evidence structures • Define requirements for access management, authorizations, logging, monitoring, incident handling, backup/restore and documentation • Ensure that technical and organizational measures are not only decided but effectively implemented • Translate data protection requirements into practical directives for product, processes and operations • Support topics such as technical and organizational measures (TOMs), deletion concepts, role and permission models, data processing agreements and privacy audits • Work closely with internal stakeholders and external data protection functions • Prepare audits, assessments and certification initiatives in a structured manner • Coordinate measures, evidence and maturity assessments • Actively drive topics such as ISO 27001, ISO 27018 and comparable requirements • Formulate requirements so they are understandable for engineering teams and defensible for auditors • Support proposals, tenders and customer projects with reliable statements on security and privacy • Answer security questionnaires and compliance requests • Serve as the contact point for security- and privacy-related customer requirements • Collaborate closely with product management, development, QA, DevOps, support and delivery • Review new features, integrations and operating models from the perspective of security, privacy and auditability • Embed Security by Design and Privacy by Design into real-world processes

• Ensure that security requirements for infrastructure, platform, applications, and operational processes are implemented, documented, reviewed, and continuously improved • Implement and oversee technical security controls • Translate security requirements into practical measures • Strengthen incident readiness and technical resilience • Embed security into day-to-day engineering activities • Provide technical support for auditability and evidence • Serve in a deputy capacity

• Design, implement, and scale secure AWS environments that balance innovation and compliance. • Build and maintain Terraform modules and infrastructure-as-code pipelines to ensure consistent, auditable, and secure deployments. • Lead regular security assessments, perform vulnerability testing, and drive incident response efforts. • Collaborate with engineering and DevOps teams to integrate security controls into CI/CD workflows and product lifecycles. • Define IAM strategies, implement network segmentation, apply encryption standards, and establish continuous monitoring practices. • Detect anomalies, investigate alerts, and respond to evolving threats across our cloud ecosystems. • Guide peers on secure design, share knowledge of emerging risks, and promote cloud security best practices. • Stay ahead of emerging threats and tools while shaping our long-term security strategy with creativity and foresight.