• Design, implement, and maintain security controls across AWS services (EC2, S3, RDS, EKS, ECS, Lambda, API Gateway) • Configure and optimize AWS security services including GuardDuty, CloudTrail, CloudWatch, Security Hub, and AWS Config • Implement VPC security architecture, network segmentation, security groups, and NACLs • Manage CloudFront and ALB security configurations including WAF rules • Secure containerized workloads and serverless architectures • Design and implement least-privilege IAM policies, roles, and permission boundaries • Manage AWS Identity Center (SSO) and integration with Okta • Conduct access reviews and support user provisioning while maintaining security standards • Implement secure service-to-service authentication patterns • Monitor and respond to security alerts from GuardDuty, CloudTrail, and AWS security services • Investigate and remediate security findings from Wiz cloud security platform • Perform threat analysis and security incident investigation • Develop security incident response playbooks for cloud threats • Implement and maintain security controls for Databricks workspaces on AWS • Support SOC 2 and other compliance audit requirements • Maintain security documentation and audit trail evidence • Enforce security policies and compliance standards across AWS accounts • Partner with Engineering, DevOps, and IT teams to integrate security into cloud operations • Automate security processes using Infrastructure as Code • Document security architectures, procedures, and runbooks • Provide security guidance on AWS best practices • Coordinate with external security vendors, testers, and auditors as needed

• Own and manage Zafran’s security compliance program, including SOC 2, ISO 27001, and other relevant frameworks • Lead the response to customer security questionnaires and vendor security assessments, ensuring timely and accurate completion • Build and maintain Zafran’s internal security controls framework and evidence collection processes • Establish and manage continuous compliance monitoring and validation initiatives • Develop and maintain security policies, standards, and procedures that support both compliance and business objectives • Manage relationships with external auditors and assessors during compliance audits • Drive security awareness training and secure development practices across the organization • Support customer-facing security conversations during sales cycles and onboarding • Monitor regulatory changes and emerging compliance requirements relevant to SaaS platforms • Build scalability into GRC processes through automation and tooling improvements

• Serve as the technical implementation bridge between the security policy team and development operations. • Be embedded with development teams, writing code, configuring systems, and implementing security controls across applications, databases, and AI systems. • Bridge security policy and technical execution by translating organizational security requirements into practical, deployable solutions. • Implement secure-by-design practices throughout the software development lifecycle, including code-level remediations and configuration hardening. • Develop automation scripts and infrastructure-as-code to integrate security into CI/CD pipelines. • Perform hands-on technical security assessments including penetration testing and threat modeling.

• Installation, troubleshooting, and maintenance of fire alarm systems infrastructure. • Running low-voltage cabling in commercial buildings, including drilling concrete walls and limited conduit work. • Installing cable support structures such as j-hooks, cable racks, and innerduct. • Conducting tests to ensure all newly installed cable systems and component devices are operational. • Troubleshooting issues with cable networks and fire alarm panels. • Ensuring all installations and repairs comply with NFPA standards, including NFPA 70 and 72. • Collaborating with team members on pre-installation design and planning. • Maintaining accurate and detailed records of all work performed. • Adhering to all required project safety requirements as set forth by Wachter, our customers, or OSHA.