• Lead and grow a high-performing Engineering Product Security team focused on enabling secure development at scale • Champion a left-shifted security model that puts secure tooling and patterns directly in developers' hands • Partner deeply with our platform teams to embed security into CI/CD pipelines, architecture patterns, and developer workflows • Define the security standards and practices that will govern our extensible platform, internal services, external APIs, and partner integrations • Serve as a security advocate and trusted advisor across Product, Engineering, Cyber Security, and Field teams

• Design and develop secure, high-quality C# software for manufacturing tools and fixtures used in the production of our Cardiac monitoring devices. • Lead the design, implementation and documentation of secure software systems that support manufacturing and production processes for medical devices. • Define and enforce cybersecurity best practices throughout the manufacturing software development lifecycle (SDLC), including code reviews, and vulnerability assessments. • Familiarity with NIST SP 800-series security controls for software design, including the implementation of Multi-Factor Authentication (MFA), identity management, and cryptographic best practices. • Collaborate with manufacturing engineering, IT/OT teams, quality, and regulatory functions to ensure that production software systems meet both operational and security requirements. • Develop and maintain secure interfaces between manufacturing equipment and other enterprise systems. • Support compliance with medical device and cybersecurity standards, including FDA Premarket Cybersecurity Guidance, ISO/IEC 81001-5-1, IEC 62304, ISO 13485 and ISO /IEC 27001. • Guide and mentor development teams on secure coding principles, risk mitigation, and compliance with cybersecurity standards. • Support verification and validation activities, including documentation aligned with medical device regulatory frameworks. • Investigate and resolve complex security and performance issues across the manufacturing software stack. • Contribute to continuous improvement initiatives and champion a culture of “doing things right the first time” while maintaining delivery velocity.

• Develop and lead the company-wide information security strategy aligned to business goals. (Annual planning; ongoing oversight) • Establish and manage the risk management program, including regular reporting to executive leadership. (Quarterly reporting; ongoing monitoring) • Own SOC 2 Type 2, NIST 800-171, and other required audits end-to-end. (Annual; intensive during audit windows) • Serve as the primary point of contact for auditors and ensure continuous audit readiness. (Ongoing) • Maintain and evolve security policies, standards, and controls, including AI/LLM governance. (Quarterly review; updates as needed) • Lead incident response planning and periodic tabletop exercises. (Annual/Semi-Annual) • Partner with Engineering to ensure secure architecture, SDLC, and cloud security practices. (Ongoing) • Oversee vulnerability management, access controls, and vendor risk management. (Ongoing) • Lead customer security assurance efforts, including questionnaires and enterprise security discussions. (As needed)

• Design, build, and maintain cryptographic services used by platforms and applications across Netflix. • Develop features and enhancements for our Crypto-as-a-Service platform, PKI, and certificate lifecycle management tools. • Collaborate closely with cross-functional partners to deliver secure, reliable, and developer-friendly solutions. • Participate in our on-call rotation, supporting high-availability services that are critical to Netflix’s security posture. • Help drive our vision to centralize and standardize cryptographic solutions for repeatable, broadly applicable use cases.