• Design, develop, and maintain scalable, reliable, and efficient full-stack applications using ReactJS, NodeJS, NestJS, MongoDB, and PostgreSQL; • Work with cloud platforms (AWS, GCP, or Azure); • Apply software engineering best practices (SOLID, Clean Code); • Collaborate with teams to implement SaaS solutions and digital platforms; • Write unit tests and implement monitoring and incident response;

• Integrate our existing systems with exciting new blockchains • Design and implement low-latency, high-availability, super secure applications and data protection systems • Write highly scalable, high volume services • Write reusable, testable, and efficient code • Design and optimize database schemas • Own, develop and maintain existing crypto services

• Own the architecture for the TC.NET product domain, including integrations, network interactions, and cross‑system communication patterns. • Evaluate current state tech stack and lead its modernization using forward‑looking, practical, incremental approaches (no “throw it all out” solutions). • Define and communicate architectural guardrails, design patterns, and technical direction. • Engage directly with code, prototypes, and deep-dive investigations to resolve complex technical problems. • Coach engineers by zooming into component‑level details when needed, while maintaining domain-level architectural ownership. • Demonstrate the technical rigor expected at this level—this role is not management‑focused; engineering leadership already exists on the team. • Work closely with product partners to ensure architectural designs align with strategic needs. • Communicate effectively with engineering teams, leadership, and stakeholders—must be articulate, clear, and able to simplify complex concepts. • Balance modernization of legacy systems with the evolution toward scalable, cloud native and event driven architectures. • Incorporate AI/ML awareness and AI‑assisted system evolution where applicable; candidates must demonstrate foundational understanding of current AI technologies. • Assess the feasibility of modernization options and create incremental upgrade paths.

• Design, build, and maintain automated evidence collection and continuous control testing workflows in Vanta and supporting tools. • Develop and operate GRC automation pipelines using Claude Code and similar AI-assisted development tools — writing scripts, building integrations, and eliminating manual compliance processes at speed. • Build and maintain business intelligence dashboards and metrics reporting for the Security GRC team and broader security organization — including security posture, issue tracking, exception management, risk trends, and program delivery metrics. • Develop integrations between GRC platforms, cloud environments (AWS, GCP), identity providers, and business systems to automate compliance data flows. • Operationalize the AI Governance Council's review process — build intake workflows, risk assessment tooling, and tracking for AI use case governance. • Develop and maintain AI risk assessment frameworks and guardrails aligned to NIST AI RMF, ISO 42001, and emerging regulatory requirements. • Support SOC 2 Type II, HITRUST, HIPAA SRA/PRA, and other audit and assurance activities, through automated evidence preparation and control documentation. • Write scripts and build tooling (Python, APIs, workflow platforms, AI-assisted coding tools) to reduce cycle time and focus on scaling • Maintain and improve the control framework — map controls to obligations, identify gaps, and automate testing where possible. • Partner with SecOps, IT, Privacy, and Engineering teams to integrate GRC requirements into their toolchains and workflows. • Support enterprise risk management activities including risk register maintenance, KRI automation, and risk reporting. • Define and track key metrics across the security organization — translating raw data into executive-ready insights that drive decisions and demonstrate program maturity. • Other duties as assigned.