• Projetar, implementar e operar soluções de network security em ambientes cloud • Definir e direcionar padrões de arquitetura de rede (Hub & Spoke, segmentação, Zero Trust) • Garantir controle de tráfego (ingress/egress), inspeção e isolamento de ambientes • Atuar na governança e evolução do uso de serviços de rede e segurança em cloud • Projetar e sustentar estratégias de controle de egress e inspeção de tráfego • Definir e implementar arquitetura de DNS como componente de segurança • Atuar em troubleshooting avançado de rede e performance • Integrar soluções de rede com identidade e controles de acesso • Apoiar decisões técnicas relacionadas a conectividade híbrida e multi-região • Trabalhar com infraestrutura como código e automação de ambientes • Interagir com times de segurança, cloud e aplicações

• Act as the Subject Matter Expert (SME) for Endpoint Detection and Response (EDR) tools/process including optimizing configurations/policies, developing custom threat detection rules, and proactively improving Deel’s overall security posture for remote endpoints (Mac and Windows) and cloud assets (Eg, VMs). • Configure, manage, and tune the full suite of security policies within SWG, CASB and ZTNA. Assist our remote colleague with seamless experience through troubleshooting end user issues as needed. • Continuously improve SaaS security posture with SSPM tools and processes around it. Collaborate with diverse application owners, understand security control and resolve configuration drifts for our wide range of SaaS applications from baseline. • Develop a rigorous review, approval, policy enforcement and auditing for browser extensions, third party OAuth applications for SaaS applications such as Google Workspace, GitHub, Jira etc to meet security and privacy standards. • Design, implement, and audit security policies related to enterprise browsers (Eg, Island, Chrome Enterprise etc) including controlling access to sensitive web apps, and data loss prevention (DLP) configuration, ZTNA, secure web browsing experience but not limited to. • Manage DLP policies across Endpoint, Network, SaaS Applications and Cloud assets, directly supporting the "Crawl-Walk-Run" program phases. Ensure DLP policies meet diverse data sovereignty, privacy (GDPR, CCPA, etc.), and national regulatory requirements. • Run vulnerability management programs for endpoints and servers and ensure they are patched according to the policy in collaboration with stakeholders.

• Own and execute Slingshot’s cybersecurity strategy across enterprise, product, and operational environments. • Lead readiness and implementation for CMMC, NIST SP 800-171, DFARS, and related government cybersecurity requirements. • Establish and scale secure software development lifecycle (SDLC), application security, and DevSecOps practices. • Design and oversee cloud security architecture across AWS/Azure/GovCloud environments. • Drive audit readiness, including System Security Plans (SSPs), POA&Ms, and continuous monitoring programs. • Partner with Product and Engineering to embed security into development without slowing delivery velocity. Build and operate security monitoring, detection, vulnerability management, and incident response capabilities. • Lead executive-level incident response, including customer communication and regulatory reporting. • Develop and enforce identity, access management, data protection, and logging strategies across systems. • Oversee third-party/vendor risk management and supply chain security, including flowdown requirements. • Partner with the Facility Security Officer (FSO) on classified programs, insider threat initiatives, and industrial security requirements. • Ensure secure handling of CUI/FCI and readiness for customer audits and security questionnaires. • Define and communicate cyber risk to executive leadership, board members, and customers. • Support business development by enabling compliance required to win and execute government contracts. • Build and scale a lean, high-performing security team aligned to company growth.

• Lead the vision, scope, and roadmap for security and risk initiatives across various platforms and product domains. • Oversee the transition of security protocols from the initial design phase through to sustainable line organisation. • Direct the activities of technical experts and analysts to ensure that architectural designs comply with risk and security requirements. • Act as the primary authority for cross-domain security decisions and the main interface for senior stakeholders. • Design and maintain governance models that define clear roles, responsibilities, and interfaces between technical teams and compliance functions. • Balance regulatory obligations with technical feasibility to provide actionable guidance for delivery teams. • Ensure consistent adoption of security architecture principles and patterns across the entire infrastructure. • Align technical domains with internal and external standards, translating complex rules into procedural requirements. • Manage the impact of regulatory changes on architecture and project delivery timelines. • Build long-term capability through knowledge-sharing, training, and fostering a "security by design" culture.