• Analyze vulnerable and malicious code • Track emerging threats • Build tools and processes that detect, prevent, and remediate malware and other security issues

• Analyze large-scale SaaS security data, investigate incidents, and develop advanced threat detection strategies • Dive deep into terabytes of SaaS Application data to identify new attack vectors, emerging threats, and vulnerabilities • Utilize your technical prowess to investigate complex SaaS & AI security incidents • Leverage your expertise in data analysis to fine-tune detection rules and algorithms • Drive thought leadership initiatives by creating technical blog posts, delivering webinars, and speaking at conferences • Collaborate with security researchers and data scientists to define new threat detection strategies • Continuously monitor and analyze SaaS attack techniques and adapt security posture accordingly • Work with APIs and integrations to ingest security logs from various SaaS platforms

• Lead security certification & audit readiness (ISO 27001 / SOC 2). • Operate the ISMS controls program. • Evidence management & auditor response. • Risk management program execution. • Metrics, reporting, and stakeholder enablement. • Manage periodic reviews and updates of security policies and procedures. • Partner with an outsourced/internal audit function to validate control performance. • Support cross-functional education and adoption of security requirements.

• Partner with data owners and the Data team to identify and inventory critical data assets across the enterprise. • Implement automated and programmatic classification of sensitive data using tools such as Wiz, Microsoft Purview, Varonis and other data security solutions. • Develop and maintain data protection policies aligned with regulatory standards (e.g., HITRUST, HIPAA). • Apply and tune DLP policies across email, cloud, USB, printing, and endpoint channels. • Build dashboards, alerts, and metrics for real-time monitoring of data protection events. • Implement and manage data rights enforcement mechanisms to ensure appropriate access and usage of sensitive data. • Contribute to the deployment and tuning of DSPM tools such as Wiz, Zscaler, Varonis, Imperva and others to enhance visibility and control. • Collaborate with infrastructure teams to ensure backup and recovery strategies align with data protection objectives and support immutable backups. • Integrate DLP and DSPM tools with SIEM for incident response, ticketing, and compliance reporting. • Work closely with CAQH teams to align protection strategies with business operations. Provide training and documentation to business units on data protection best practices.