• Responsible for cybersecurity, data security, governance, and compliance across IT, cloud, applications, and enterprise data platforms. • Has core security engineering responsibilities with advanced data protection, compliance, and Microsoft Purview capabilities. • Protects organizational systems and information assets against unauthorized access, disclosure, modification, or destruction, while ensuring compliance with regulatory, legal, and contractual obligations. • Perform all duties in accordance with the company’s policies and procedures, all US state and federal laws and regulations, wherein the company operates.

• Supervise, mentor, and develop a team of SaaS security engineers and analysts, fostering professional growth and maintaining high team performance. • Manage day-to-day SaaS security operations, including continuous monitoring of SaaS application configurations, user activity, and integrations for security risks. • Design, implement, and maintain robust security controls and policies aligned with organizational requirements and industry best practices for SaaS applications. • Oversee the configuration, monitoring, and utilization of SaaS Security Posture Management (SSPM) tools to identify and remediate misconfigurations, excessive permissions, and compliance gaps across the SaaS landscape. • Lead the assessment and management of security risks associated with third-party SaaS vendors, including due diligence, contract reviews, and continuous monitoring of vendor security posture and compliance. • Ensure the secure integration of SaaS applications, focusing on API security, secure authentication (e.g., SSO, MFA), and data flow protection. • Ensure SaaS application compliance with regulatory and internal requirements, with a specific focus on interpreting, implementing, and documenting controls based on frameworks such as NIST 800-53, SOC 2, and ISO 27001 as applied to SaaS. • Support SaaS-specific security incident response activities – when requested by Cyber Defense leadership – ensuring effective containment, analysis, and resolution for incidents involving SaaS applications. • Collaborate effectively with engineering, operations, procurement, legal, and business teams to integrate security throughout the SaaS application lifecycle, from selection and onboarding to offboarding. • Develop and present reports on the SaaS security posture, vendor risk, compliance status, and key security initiatives in existing Governance Forums. • Stay abreast of the latest security threats, vulnerabilities, and security best practices relevant to SaaS applications and their underlying cloud platforms.

• Architect and implement security frameworks across blockchain platforms, AI workloads, Kubernetes, and cloud infrastructure. • Define and own the security roadmap, ensuring alignment with business objectives and regulatory requirements. • Establish identity and access management (IAM) strategies, including secrets management, VPN/identity solutions, and Zero Trust principles. • Establish trust boundaries and enforce appropriate controls, including workload isolation, access restrictions, and data protection measures. • Design and oversee cloud (AWS) security architecture and enforce least-privilege access. • Implement Kubernetes security controls, including Pod Security Standards, network segmentation, and workload isolation. • Lead the creation of incident response playbooks, monitoring dashboards, and alerting mechanisms for blockchain, AI, and cloud environments. • Conduct regular security assessments, penetration tests, and threat modeling to validate platform resilience. • Collaborate with blockchain architects, AI engineers, DevOps, and business teams to ensure security is embedded across all phases of development and operations. • Stay current with emerging security standards, technologies, and threats in blockchain, AI, and cloud ecosystems.

**What You’ll Do** **Responsibilities:** - Architect and implement security frameworks across blockchain platforms, AI workloads, Kubernetes, and cloud infrastructure. - Define and own the security roadmap, ensuring alignment with business objectives and regulatory requirements. - Establish identity and access management (IAM) strategies, including secrets management, VPN/identity solutions, and Zero Trust principles. - Establish trust boundaries and enforce appropriate controls, including workload isolation, access restrictions, and data protection measures. - Design and oversee cloud (AWS) security architecture and enforce least-privilege access. - Implement Kubernetes security controls, including Pod Security Standards, network segmentation, and workload isolation. - Lead the creation of incident response playbooks, monitoring dashboards, and alerting mechanisms for blockchain, AI, and cloud environments. - Conduct regular security assessments, penetration tests, and threat modeling to validate platform resilience. - Collaborate with blockchain architects, AI engineers, DevOps, and business teams to ensure security is embedded across all phases of development and operations. - Stay current with emerging security standards, technologies, and threats in blockchain, AI, and cloud ecosystems.