• Research emerging threats across the surface web, dark web, and deep web • Build threat models, conduct threat hunts, and plan and execute purple team engagements • Coordinate internal red team testing operations that emulate a threat actor • Collaborate with application development teams, platform engineers, and Security Operations Center (SOC) engineers to improve our offensive and defensive security controls • Contribute to vulnerability testing and analysis as well as incident response and analysis • Include testing for web, mobile, CLI, and desktop application security issues across our multi-product portfolio, including Bitwarden Password Manager, Secrets Manager, and Passwordless.dev, our APIs, serverless functions, and database • Participate in code reviews, learning and spreading technical knowledge about security posture • Contribute to resolutions for security-related issues • Coordinate technical validation and leadership review of purple team reports detailing testing results and potential areas of improvement • Conduct internal penetration tests on systems and networks to determine realistic threat vectors • Manage software tools for code scanning, vulnerability identification, and finding reporting • Effectively communicate findings, attack paths, and recommendations to stakeholders • Train others on the adversary simulation tactics and procedures used • Stay informed on current security trends, publications, and advisories • Assist to provide guidance and subject matter expertise as it pertains to all areas of security and technical operations, including analysis of our cloud environments, security testing and documentation, as well as investigations, software research, new technology, services and tools research, and vendor security analysis

• Develop a deep operational understanding of tools, architectures, and processes across the security ecosystem. • Build, maintain, and expand strategic relationships with key vendors and emerging technology partners. • Conduct evaluations of new technologies, products, and solutions to ensure alignment with client needs and industry best practices. • Maintain awareness of vendor certifications, industry advancements, and emerging security capabilities. • Lead and coordinate “vendor days” with key partners for internal team enablement and education. • Compare and contrast competitive solutions to determine the most effective fit for client requirements. • Serve as the design/architecture lead and primary technical interface for clients throughout the engagement lifecycle. • Identify vendors and partners that align to operational requirements, budgets, and client resource constraints. • Lead solution demos with vendor support, ensuring the demos are tailored to client objectives and clearly differentiated. • Produce, socialize, and document both operational and technical requirements. • Provide options and solution pathways that best align with client maturity, business strategy, and budget. • Evaluate client people, processes, and existing technologies to identify optimization opportunities. • Assist clients with the development of RFIs, RFPs, and program requirements. • Collaborate with GPS SMEs to provide specialized insight, assessments, or validation as needed. • Identify overlaps and gaps within client environments and provide clear recommendations for remediation or enhancement. • Perform technical validation and rationalization of proposed solutions to ensure feasibility, effectiveness, and long-term value. • Support compliance-aligned documentation efforts, ensuring architectures and decisions reflect industry and regulatory expectations. • Lead risk-mitigation activities throughout solution evaluation and implementation. • Advocate for client engineers and technical leaders, ensuring their priorities are incorporated and supported. • Support ongoing alignment of technical roadmaps with client strategic objectives and security programs. • Provide optimization strategies to improve solution adoption, operational efficiency, and measurable outcomes. • Coach client teams, ensuring clarity of roles, solution capabilities, and expected results. • Continuously update, refine, and communicate architectural plans to keep pace with evolving technologies and business needs.

• Design, implement, and manage firewall policies across Palo Alto and Checkpoint (Cloud) virtual firewalls • Configure and optimize firewall rules to meet business and security requirements • Implement security best practices for firewall configurations and policy management • Configure and manage Prisma Access for secure remote access and cloud-delivered security services • Implement and optimize Prisma Access policies and configurations • Integrate Prisma Access with existing security infrastructure • Utilize Strata Cloud Manager for centralized firewall management and configuration • Leverage Palo Alto Networks Panorama for policy deployment and management across multiple firewalls • Manage Checkpoint Cloud configurations through centralized management platforms • Process and implement firewall change requests following change control procedures • Troubleshoot firewall connectivity and policy issues • Perform firewall configuration updates and enhancements • Collaborate with network and security teams on firewall-related projects • Utilize Strata Cloud Manager and FireMon Security Manager for configuration management • Leverage existing tools for policy deployment and operational efficiency

• Establish monitoring and detection mechanisms to identify potential threats, and lead or assist in responding to incidents. • Conduct vulnerability assessments, penetration testing, and remediation of security weaknesses. • Automate tasks where possible, using scripting and configuration management tools. • Architect and implement security controls, including firewalls, intrusion detection systems, and encryption technologies. • Review of applications and systems to ensure industry best practices and security hardening.