Job Closed
This listing is no longer active.
Kroll Inc. is a risk consulting firm that provides proprietary data and technology to help its clients manage growth, risk, and governance, and therefore, manag
Consultant, Offensive Security
Location
India
Posted
134 days ago
Salary
0
Seniority
Mid Level
Job Description
- Execute offensive security and consultative engagements for our clients’ applications, cloud assets, and infrastructure
- Author deliverables such as vulnerability reports and executive reports
- Engage with our clients to understand their requirements, update them on project status, answer their queries, and present your findings and recommendations
- Keep your skills and knowledge up to date with the latest trends in cybersecurity and emerging technology
- Willingness to work in EST time zone
Job Requirements
- 2+ years in cybersecurity, with at least 1 year in penetration testing, cloud security, or red teaming
- A strong understanding of offensive security methodology and vulnerability frameworks such as the OWASP Top 10, MITRE ATT&CK, PTES, or others
- An ability to analyze root causes and deliver technological recommendations to our clients
- Bachelor’s degree or college diploma in information security, computer science or engineering, software engineering, or IT/System/Network administration
- Excellent oral and written communication skills
- Experience working both as part of a team and independently
Benefits
- Kroll is committed to equal opportunity and diversity
- Join the global leader in risk and financial advisory solutions
More Security Engineer Jobs
- Collaborate with development teams to understand, verify, and remediate identified security issues
- Determine and report the level of risk present in the applications
- Use knowledge of common issues to create and provide guidance and best practices
Senior Technical Consultant – Cisco Security
Thinkahead Consultant Psychologist Pty Ltd
We get to the heart of the matter... real people... real solutions
- Lead end-to-end delivery of Cisco ISE and Firepower projects: discovery, High-level Design (HLD), Low-level Design (LLD), build, cutover, validation, documentation, and knowledge transfer.
- Facilitate workshops to gather requirements, assess current state, and map outcomes to best practices and security frameworks (e.g., Zero Trust, NIST).
- Create SOW inputs (scope, assumptions, milestones) and delivery artifacts (migration plans, rollback plans, test plans, runbooks).
- Architect and deploy ISE in standalone and distributed personas (PAN/MnT/PSN), including HA and scale considerations.
- Design 802.1X and MAB policies for wired/wireless, RADIUS/TACACS+ services, device profiling, posture assessment, and Guest/BYOD onboarding flows.
- Build authorization policies using security group tags (SGT/TrustSec), dACLs, and dynamic VLANs; integrate with Active Directory/LDAP, PKI, Duo, and AnyConnect posture modules.
- Design and implement FTD (physical and virtual appliances) managed by FMC (HA, clustering, multi-context where applicable).
- Design and implement comprehensive AI security architecture, including governance frameworks, data protection controls, model security standards, and usage policies for enterprise AI systems
- Collaborate with the AI business deployment team to establish security requirements and controls for AI applications, ensuring alignment between business objectives and security standards
- Develop and enforce AI usage policies and security guardrails for employees, including guidelines for acceptable use of generative AI tools, prompt engineering security, and data sharing restrictions
- Establish security standards and best practices for AI/ML development teams, covering model training security, data pipeline protection, API security, and secure model deployment
- Conduct AI-specific threat modeling and risk assessments, identifying vulnerabilities such as prompt injection, data poisoning, model theft, adversarial attacks, and privacy leakage
- Define data classification and handling requirements for AI systems, ensuring sensitive customer information and personally identifiable information are appropriately protected in training datasets and model outputs
- Evaluate and recommend AI security tools and technologies, including data loss prevention for AI interactions, AI gateway solutions, model monitoring platforms, and security testing frameworks
- Partner with compliance and legal teams to ensure AI implementations meet regulatory requirements including insurance industry regulations, data privacy laws, and emerging AI-specific legislation
- Create security awareness training programs focused on AI risks, responsible AI usage, and secure development practices for different user personas across the organization
- Develop incident response procedures specific to AI security events, including model compromise, data leakage, and unauthorized AI tool usage
- Monitor the evolving AI security landscape and provide strategic guidance on emerging threats, vulnerabilities, and security best practices
- Establish metrics and reporting frameworks to measure AI security posture and communicate risk to executive leadership
- Deploy and operate vulnerability scanning across our cloud infrastructure. Triage findings and drive remediation with engineering teams.
- Lead security assessments for internal and customer security needs (e.g. SOC 2 Type II, ISO 27001, HIPAA audits).
- Maintain vulnerability and remediation documentation for auditors.
- Act as a liaison between product, engineering, compliance, and GTM to guide and prioritize the right security investments.
- Perform penetration tests, tabletop exercises, DR testing, and incident response.
- Manage endpoint security tooling as we scale; conduct audit log reviews and maintain visibility across our stack.



