• Implement and maintain AWS security configurations across development, staging, and production environments • Apply IAM best practices, including least-privilege access and role-based access controls • Configure and monitor AWS-native security services such as CloudTrail, GuardDuty, Security Hub, AWS Config, and Macie • Participate in cloud security reviews for new and existing services • Support security best practices in infrastructure-as-code (Terraform, AWS CDK) and CI/CD pipelines • Help maintain cloud security baselines aligned to CIS Benchmarks and AWS Well-Architected Framework • Contribute to secure Software Development Lifecycle (SDLC) practices, including shift-left security efforts • Participate in threat modeling and security design reviews • Operate SAST, DAST, and SCA tools integrated into CI/CD pipelines (e.g., Snyk, Checkmarx, Veracode, Semgrep) • Partner with engineering teams to remediate vulnerabilities and improve secure coding practices • Support development and maintenance of secure coding guidelines • Assist in vulnerability identification, triage, and remediation tracking across infrastructure and applications • Support internal and external penetration testing activities • Help track and report on vulnerability metrics and remediation progress • Support compliance efforts such as SOC 2 Type II and ISO 27001 audits • Collaborate with team members to improve security processes and documentation • Contribute to security runbooks and incident response procedures

• Lead & Build a High-Impact Security Engineering and Research Team • Build a team of elite security engineers and world-class domain experts across Detection and Response, including alert investigation, threat hunting, detection engineering, and threat intelligence • Act as a player/coach, setting strategic research and engineering directions while staying deeply involved in technical work • Establish a culture of high-quality research, rapid iteration, and operator-first thinking • Drive Product Effectiveness • Build and refine measurement and evaluation frameworks to ensure the analysis our agents produced is high quality and mirrors expert human outputs • Owns the process of encoding expert human intuitions and techniques into our agentic system • Work closely with rest of engineering to continuously improve the efficacy of our agents in real world deployments • Reimagine Detection and Response with agents • Prototype and test new ideas where unlimited analytical capacity can fundamentally change cyber defense • Serve as a key voice in shaping Dropzone’s product roadmap based on real-world operation experience • Pressure-test assumptions about how AI should be applied in security operations • Help define what “autonomous defense system” actually looks like in practice and be an industry thought leader around it

• Забезпечувати повний цикл розслідування та координації дій у відповідь на порушення безпеки або робочих процесів • Вести комунікацію з клієнтами та стейкхолдерами під час Data Breach інцидентів • Проводити Root Cause Analysis інцидентів, розробляти превентивні заходи та готувати звітність для топменеджменту • Аналізувати операційні процеси клієнтів з урахуванням інцидентів для виявлення потенційних загроз та формувати рекомендацій щодо проактивного підвищення рівня безпеки • Перевіряти безпеку постачальників, програмних платформ та сторонніх сервісів • Здійснювати аудит нових локацій для найму щодо відповідності стандартам захисту даних і впровадження інструментів безпеки • Готувати документацію та процедури управління інцидентами, а також підтримувати внутрішню базу знань.

• Translates high-level departmental strategy into team-level goals, milestones, and execution plans. • Takes responsibility for the performance, reliability, and culture of the team. • Anticipates resourcing needs, skill gaps, and operational risks; escalates appropriately. • Drives continuous improvement across workflows, processes, and operational practices. • Ensures team deliverables are scoped clearly, prioritized effectively, and completed on time. • Manages workload, planning, sprint cycles, and backlog health. • Implements processes that improve quality and predictability of output. • Supports cross-functional coordination, ensuring stakeholders understand timelines and dependencies. • Removes roadblocks that impede team progress and ensures issues are escalated appropriately.