• Design and develop detection logic and security rules to identify threats, suspicious behaviors, and misconfigurations across SaaS applications. • Research SaaS platforms (e.g., Google Workspace, Microsoft 365, Salesforce, Slack, etc.) to understand security models, APIs, and potential attack surfaces. • Translate real-world attack techniques and SaaS security risks into scalable product capabilities, including detections, posture checks, and risk signals. • Contribute to both threat detection and posture management content, ensuring broad coverage across identity, access, integrations, and data exposure risks. • Analyze large-scale SaaS telemetry to identify patterns, anomalies, and opportunities for new detections or improvements. • Continuously improve detection quality by reducing false positives and ensuring signals are actionable for customers. • Collaborate with Engineering to productionize detection logic and ensure reliable execution at scale. • Partner with Product to shape how security insights are surfaced, prioritized, and explained to users. • Stay current on emerging SaaS attack techniques, identity threats, OAuth risks, and AI-related security considerations. • Contribute to internal knowledge sharing and help elevate SaaS security expertise across the organization.

• Implement and sustain security controls aligned to CMMC Level 1/2, NIST SP 800-171, and CUI/ITAR requirements • Design and maintain PKI (Public Key Infrastructure) and certificate lifecycle • Implement and manage Identity & Access Management (IAM/IGA) solutions • Drive continuous compliance monitoring and maintain ongoing audit readiness • Support ITGC controls in alignment with established governance frameworks • Serve as the primary Level 3 escalation resource for complex infrastructure and security challenges • Mentor and provide technical guidance to junior engineers • Champion operational continuity and long-term infrastructure stability • Oversee patch management and vulnerability remediation programs • Manage Group Policy (GPO) design, implementation, and enforcement • Develop and maintain secure, standardized golden images • Apply CIS/NIST hardening baselines across systems and environments • Support secure lifecycle management from deployment through decommission • Support Active Directory / Azure AD (Entra ID) architecture, integrations, and governance • Administer Microsoft Intune for endpoint compliance and configuration management • Deploy and manage virtual machines and cloud services within Azure, including GCC High • Design, maintain, and optimize infrastructure across hybrid Azure environments

• Implement and maintain AWS security configurations across development, staging, and production environments • Apply IAM best practices, including least-privilege access and role-based access controls • Configure and monitor AWS-native security services such as CloudTrail, GuardDuty, Security Hub, AWS Config, and Macie • Participate in cloud security reviews for new and existing services • Support security best practices in infrastructure-as-code (Terraform, AWS CDK) and CI/CD pipelines • Help maintain cloud security baselines aligned to CIS Benchmarks and AWS Well-Architected Framework • Contribute to secure Software Development Lifecycle (SDLC) practices, including shift-left security efforts • Participate in threat modeling and security design reviews • Operate SAST, DAST, and SCA tools integrated into CI/CD pipelines (e.g., Snyk, Checkmarx, Veracode, Semgrep) • Partner with engineering teams to remediate vulnerabilities and improve secure coding practices • Support development and maintenance of secure coding guidelines • Assist in vulnerability identification, triage, and remediation tracking across infrastructure and applications • Support internal and external penetration testing activities • Help track and report on vulnerability metrics and remediation progress • Support compliance efforts such as SOC 2 Type II and ISO 27001 audits • Collaborate with team members to improve security processes and documentation • Contribute to security runbooks and incident response procedures

• Lead & Build a High-Impact Security Engineering and Research Team • Build a team of elite security engineers and world-class domain experts across Detection and Response, including alert investigation, threat hunting, detection engineering, and threat intelligence • Act as a player/coach, setting strategic research and engineering directions while staying deeply involved in technical work • Establish a culture of high-quality research, rapid iteration, and operator-first thinking • Drive Product Effectiveness • Build and refine measurement and evaluation frameworks to ensure the analysis our agents produced is high quality and mirrors expert human outputs • Owns the process of encoding expert human intuitions and techniques into our agentic system • Work closely with rest of engineering to continuously improve the efficacy of our agents in real world deployments • Reimagine Detection and Response with agents • Prototype and test new ideas where unlimited analytical capacity can fundamentally change cyber defense • Serve as a key voice in shaping Dropzone’s product roadmap based on real-world operation experience • Pressure-test assumptions about how AI should be applied in security operations • Help define what “autonomous defense system” actually looks like in practice and be an industry thought leader around it