• Influence, consult with and build collaborative working relationships with senior business and IT leadership at the VP/Officer and C levels to help meet long term security objectives • Conduct risk assessments, evaluate alternative strategies, develop recommendations and ensure responsive communication with business representatives, security management, and third party vendors • Participate in the design review process and support the overall Security Architecture process • Influence and drive change to security architecture processes, strategies and standards, as needed in areas such as: Cloud infrastructure, A.I., information security, Data Loss Prevention, Intrusion Prevention, Threat and Vulnerability Management, and Identity and Access Management • Partner with management in defining and setting appropriate, implementable information security policy and ensuring alignment to standard operating procedures, instructions and standards • Develop, maintain and implement security policies, processes, tools and methodologies that support security architecture standards and ensure effective evolution of security architecture within the organization • Research, evaluate, recommend, plan implementation of, and test new or improved information security software or devices • Coordinate analysis of new or enhanced software application or tool implementations for impacts to existing security software and devices • Participate in and/or lead forensic investigations and eDiscovery of suspected information security issues or in compliance reviews as requested by auditors, HR, Ethics, or Legal • Utilize security expertise and knowledge of new and emerging cyber attacks threats to make recommendations to management regarding implementation of best practices and/or process improvements to proactively protect the company’s systems and networks • Provide informal work coordination and leadership/coaching to less experienced information security staff

• Implement and maintain security controls across multi-cloud environments and on-prem infrastructure • Own IAM strategy and implementation • Design and operate key management and custody security controls • Harden CI/CD pipelines and secure the software delivery process • Configure and operate corporate security tooling • Respond to security incidents • Conduct security assessments of infrastructure and applications • Automate security operations • Work with Infrastructure to embed security into cloud provisioning and system configuration

• Develop, deploy, and support self-service security tools and services that constitute the internal security platform. • Contribute knowledge and support for security projects, including support of tool integration and implementation of new security capabilities within the platform. • Support & improve security integrations into CI/CD pipelines (SAST, DAST, SCA, IAST, etc.) and developer workflows. • Maintain deployment of secure multi-cloud environments (AWS, Azure, GCP) using Infrastructure as Code (e.g., Terraform, Ansible). • Assist with security architecture reviews of new products and features, contribute to threat models, and support adoption of security-as-code best practices. • Work with the Site Reliability Engineering (SRE) team to maintain & respond to automated monitoring and security integrations for production systems. • Collaborate with internal security teams to support compliance, incident response, and operational security requirements. • Enable and support the adoption of security engineering best practices and standards across the organization. • Evangelize the use of security platform tooling and deliver high-impact DevSecOps training and outreach to internal development & engineering teams. • Participate members of the Security team and security advocates in advanced DevSecOps principles, platform engineering, and secure coding practices.

• Lead secure design reviews, threat modeling, and security-focused code reviews across the product and platform. • Ensure security is ingrained into the SDLC so that the secure path is the easy path for engineers with secure-by-default libraries, patterns, and guardrails. • Own authentication, authorization, API security, and data protection architecture for a multi-tenant SaaS platform. • Architect and maintain security tooling integrated into CI/CD pipelines: static analysis, dependency scanning, secrets detection. • Evaluate and mitigate risks specific to Fieldguide's AI Agents — prompt injection, data leakage through LLM contexts, unauthorized tool use, and unintended agent behaviors. • Partner with Agent and Platform teams to define security boundaries for agent execution: sandboxing, least-privilege tool access, and runtime policy enforcement. • Build and run Fieldguide’s vulnerability management program: scanning, triage, SLA-driven remediation tracking, and engineering coordination. • Ensure visibility into vulnerability posture across application code, dependencies, and infrastructure. • Manage external penetration testing engagements, bug bounty programs, and coordinate remediation of findings. • Partner with infrastructure engineering to review and improve cloud security across our AWS environment: IAM, network architecture, secrets management, and logging. • Establish runbooks, communication protocols, and post-incident review practices in coordination with a 24/7 MDR team. • Collaborate with engineers on incident response processes and playbooks. • Partner with Compliance to ensure technical controls satisfy framework requirements (SOC 2, ISO 27001, ISO 42001, FedRAMP).