Snowflake delivers the AI Data Cloud to help organizations share data, build apps and power their business with AI.
Security Engineer – Threat Detection
Location
United States
Posted
28 days ago
Salary
$122K - $174.8K / year
Seniority
Senior
Job Description
Snowflake
- Develop and deploy detections using modern engineering practices (testing/validation, CI/CD pipelines, detections as code, detection development lifecycle, etc.), including both rules-based and AI-assisted detections
- Mature our threat detection program by analyzing gaps and mitigating risks via detective controls, including experimentation with AI/ML approaches where they improve signal-to-noise ratio or analyst efficiency
- Build and maintain strong partnerships with our stakeholders to provide detection as a service, including self-service patterns, reusable components, and AI-enhanced detections that support their domains
- Continuously measure and improve detection quality (coverage, precision/recall, false positive rate, latency)
Job Requirements
- Security Engineering Experience (Threat Detection, Incident Response, Threat Hunting, Product Security, Corporate Security, or other related disciplines)
- Solid experience writing code (Python, Go, etc.), with a desire to apply these skills to AI/ML-powered use cases in detection and response
- Experience collaborating with various security teams and stakeholders
- Ability to review and analyze logging and observability requirements that support detection and response
- A risk-based approach to security to help prioritize key security initiatives and determine when AI provides meaningful value over traditional rules and heuristics
- Knowledge of the current security landscape with domain knowledge in several of: cloud security, identity and access, SaaS security, endpoint security, data security, and insider risk
- An automation-first mindset for scaling security, including comfort with CI/CD, infrastructure as code, and “detections as code.”
- A humble, team-oriented engineer who prioritizes team success in a zero-ego environment
- Experience with development in a high-level programming language (Go, Python, etc.)
- Experience handling data programmatically (SQL, Python, etc.)
- Experience writing production code including unit tests, version control, and CI/CD integration
- Experience with at least one major cloud provider (AWS, Azure, GCP) and understanding of its native logging, monitoring, and security services
- Familiarity with the risks that impact SaaS products and workstations
Benefits
- We are laser-focused on doing security in the agentic era, and we do not tolerate the status quo
- We have strong demand from our customers and strong support from the business for security, giving us both mandate and runway to invest in next-generation, AI-driven detection and response capabilities
- We are a great team with a diverse set of backgrounds and skills and we are excited to add engineers who want to push the frontier of AI in security
- You want to be part of a team solving Security Threat Detection at a global scale, leveraging Snowflake’s own data platform and AI capabilities to build detections and workflows that meaningfully raise the bar for defenders



