• Lead end-to-end security audits of Veda's smart contract systems, with focus on the BoringVault architecture, cross-chain bridge integrations, and complex DeFi composability patterns • Identify novel attack vectors in vault accounting logic, share pricing mechanisms, and multi-strategy capital allocation systems • Partner with external audit firms to coordinate comprehensive reviews and effectively address findings • Evolve Veda's smart contract security standards, testing methodologies, and deployment practices • Mentor smart contract engineers on secure coding patterns, gas optimization trade-offs, and defense-in-depth strategies • Serve as the security subject matter expert in architecture discussions and design reviews • Build and maintain custom security tools including fuzzing harnesses, invariant testing frameworks, and symbolic execution pipelines • Research emerging attack patterns in DeFi and translate findings into defensive measures • Contribute to Veda's security knowledge base through internal documentation and post-mortems • Design and implement real-time monitoring systems for on-chain anomaly detection • Lead on-chain security incident response when needed, including root cause analysis and remediation • Maintain security runbooks and escalation procedures for the engineering team

• The Security Manager safeguards the confidentiality, integrity, and availability of our systems, data, facilities, and medical operations. • This role leads security governance, risk management, and compliance efforts; oversees security operations and incident response; and partners with IT, Clinical Operations, Privacy, and Compliance to ensure our organization meets regulatory requirements (e.g., HIPAA Security Rule) and industry frameworks (e.g., SOC 2, HITRUST). • Accountable for proactive risk reduction, rapid detection and response to threats, and building a strong security culture across the company. • Work closely with our engineering team and third-party security partners to define secure coding standards, validate security controls, and coordinate penetration testing and remediation for a modern cloud-native stack built on Azure, .NET Minimal APIs, Blazor WASM, MAUI, and PostgreSQL.

• Own the Security Program — End to End • Design and own GenLogs’ company-wide information security strategy • Define the security roadmap under constrained resources • Set enforceable security requirements across engineering, operations, and corporate IT • Maintain independence from DevOps while collaborating closely with them • Serve as the final authority on security risk acceptance • Identify and Protect Existential Assets (Day-Zero Focus) • Own IAM strategy across all systems • Enforce least-privilege, role-based access, MFA, and privileged access reviews • Define what incident response looks like before it happens • Build and maintain a phased execution plan • Own SOC 2 end-to-end • Ensure compliance does not degrade operational velocity • Brief the C-suite clearly on risk tradeoffs and consequences • Position GenLogs for more sensitive enterprise and government work

• Own and drive remediation of security vulnerability tickets across commercial and regulated environments • Coordinate closely with vulnerability management and site reliability engineering teams to ensure timely remediation within SLA • Analyze vulnerability trends to identify process gaps and recommend improvements to triage and remediation workflows • Track remediation progress and provide weekly status updates to management, including risk identification and mitigation plans • Collect and maintain remediation evidence to support compliance audits and regulatory requirements (e.g., PCI, SOC 2, C5) • Support secure operations across cloud and Linux-based infrastructure environments