• Own and maintain cloud infrastructure across AWS and container-based environments • Design, build, and maintain infrastructure using Infrastructure as Code tools such as Terraform • Support with future replatforming and infrastructure modernisation initiatives, including migration from Heroku to AWS container platforms • Manage vulnerability remediation processes including CVE tracking, security patching, and maintaining regular patching cadences • Support operational resilience (OR), disaster recovery (DR), backup strategies, and business continuity planning • Help maintain and improve security and compliance processes aligned with ISO27001 framework • Improve system reliability, scalability, resilience, and performance across the Mast platform • Troubleshoot infrastructure, platform, networking, and security related issues across environments • Contribute to incident response processes and ongoing operational improvements • Build systems and tooling that automate infrastructure management and operational workflows wherever possible • Implement and maintain observability tooling including monitoring, logging, alerting, and tracing • Building tools and platforms that enable product teams to provision resources autonomously (self-service) • Building and maintaining CI/CD pipelines and deployment workflows to improve developer experience and delivery velocity • Introducing guardrails for self-service cloud engineering by development teams

• Design vulnerable multi-component applications and security challenge environments across languages such as Go, Python, Node.js, or Rust • Develop realistic exploit chains combining multiple vulnerability categories and attack vectors • Build deterministic evaluation environments using Docker and automated validation tooling • Create security-focused test cases and verification logic for vulnerability detection and remediation workflows • Review and analyze AI-generated outputs to identify gaps in reasoning, security understanding, or exploit detection • Develop adversarial scenarios involving misleading documentation, obfuscated code, edge cases, and hidden attack paths • Model real-world vulnerability classes inspired by CVEs, bug bounty findings, and production security incidents • Ensure evaluation tasks remain scalable, reproducible, and resistant to contamination from public datasets • Collaborate with cross-functional teams working on AI evaluation, benchmarking, and automated testing systems

• Owning the technical relationship with customers from onboarding through renewal • Performing technical presentations and demos for customers and partners • Communicating concepts to audiences, including executive-level decision-makers, and follow up with technical staff in all areas • Adapting to complex, changing business environments to deliver valuable solutions to enterprise customers • Providing updates to customers on requested features, bug fixes, and product roadmaps • Familiarizing yourself with customer environments, requirements, and milestones in order to help drive value

• Review and triage high volumes of test-centre incident reports • Support investigations into potential exam security issues • Manage security-related policy exceptions • Communicate clearly and professionally with candidates and internal stakeholders • Contribute to updates to exam security policies, procedures and guidance • Support initiatives that protect CFA Institute exam content