Astreya provides IT support services with a special focus on increasing productivity and employee satisfaction for its business clients. The company was founded
Security Engineer III – Ransomware Governance
Location: California
Posted: 16 days ago
Salary: $98.0K - $154.8K / year
Seniority: Senior
Job Description
Astreya
- Support the maturation and day‑to‑day operationalization of the ransomware recovery governance program through hands‑on process execution, documentation updates, and technical validation activities.
- Apply and enforce ransomware recovery maintenance policies by performing configuration checks, control verification, and operational compliance reviews.
- Coordinate and execute testing for protected applications, including technical recovery validation, dependency mapping, and test result analysis.
- Design and implement the application review and onboarding workflow, including technical assessments, readiness evaluations, and control implementation support.
- Develop and document the decision authority framework by gathering requirements, validating operational roles, and ensuring alignment with technical processes.
- Partner with incident response teams to build and refine the ransomware incident response plan, leading technical exercises, simulations, and tabletop scenarios.
- Contribute technical insights to future‑state technology assessments, tool evaluations, and ransomware resilience capability improvements.
- Review and enhance existing: Security policies and standards; Backup and recovery strategies; Risk management processes
Job Requirements
- Bachelor’s degree (B.S./B.A.) from a four-year college or university
- 5 to 8 years’ related experience and/or training; or equivalent combination of education and experience
- Networks with senior internal and external personnel in own area of expertise
- Demonstrates good judgment in selecting methods and techniques for obtaining solutions
- System implementation, installation, and disaster preparedness experience
Benefits
- Medical provided through UHC (PPO, HSA, Surest options) / Medical provided through Kaiser (HMO option only) for California employees only
- Dental provided through UHC Nationwide
- Vision provided by UHC
- Flexible Spending Account for Health & Dependent Care
- Pre-Tax Account for Commuter Benefit/Parking & Transit (location-specific)
- Continuing Education and Professional Development via various integrated platforms, e.g. Udemy and Coursera
- Corporate Wellness Program provided by Goomi Group
- Employee Assistance Program
- Wellness Days
- 401k Plan
- Basic and Supplemental Life Insurance
- Short Term & Long Term Disability
- Critical Illness, Critical Hospital, and Voluntary Accident Insurance
- Tuition Reimbursement (available 6 months after start date, capped)
- Paid Time Off (accrued and prorated, maximum of 120 hours annually)
- Paid Holidays
- Any other statutory leaves, paid time, or other ancillary benefits required under state and federal law
More Security Engineer Jobs
- Build, operationalize, and scale the security engineering practices that protect the benefits platform
- Work across application security, cloud security, security architecture, supply chain security, detection engineering, and vulnerability management
- Partner deeply with the teams building web and mobile applications, backend services, system integrations, card and banking workflows, infrastructure as code, and data platforms
- Turn risk reduction into scalable guardrails, automated controls, and clear engineering guidance
- Help define secure AI tooling usage, LLM and code-assistant governance, and data protection practices for AI-enabled development workflows
- Balance ideal security outcomes with engineering velocity and business priorities

- Lead Contribute to security requirements in designing, developing, and deploying large-scale services and platforms
- Conducting security architecture reviews of the application stack, including applications built on cloud and emerging technologies
- Design and develop platform-level solutions to promote security-related initiatives and improvements.
- Review source code for potential security issues, recommend and implement fixes
- Providing specific risk assessment and remediation guidelines for developers and business owners
- Belief in automation and tooling as a critical part of the software lifecycle
- Document and disseminate security guidelines for common security issues, remediation guidance, and security baselines
- Contribute to SOC2 and ISO 27001/27701 audits as needed
- Work with developers to provide security guidance
- Actively promote improving the security culture and education within the organization
- Eager to learn new technologies and solutions
- Be curious about how systems work and how they fail, design them to be sustainable in the face of failures
Principal Business Information Security Officer
LastPass
LastPass is a password and data management service headquartered in Boston, Massachusetts. Founded in 2008 by Joe Siegrist and Robert Billingslea, the company has continually worke
- Lead the continued evolution of LastPass's risk management framework to ensure it remains repeatable, scalable, and consistently applied
- Design and scale the BISO-aligned advisory model, defining engagement patterns, communication flows, and partnership rhythms that embed GRC in business decisions
- Provide just-in-time risk advisory for product development, engineering changes, supplier decisions, architecture reviews, and other high-impact initiatives, ensuring risks and tradeoffs are clearly understood
- Build strong cross-functional partnerships, serving as a trusted advisor who translates complex technical and business risks into actionable, business-aligned recommendations
- Coach GRC Analysts to adopt advisory behaviors, apply the risk framework consistently, and deliver high-quality just-in-time support across their aligned business areas
- Partner with Governance and GRC Engineering to integrate risk insights with standards, continuous control monitoring signals, and assurance workflows
- Lead technical and executive-level risk discussions through Risk Governance Committees, driving clarity, alignment to risk appetites, and accountable decisions
- Produce clear, executive-ready risk narratives, reports, and dashboards that support leadership understanding, prioritization, and decision-making
Senior Developer, Product Security
1Password
Productive businesses use 1Password to secure employees at scale.
- Work within a small team of developers who are specialists in Rust, Swift, Kotlin and Security Development
- Implement new security features for the 1Password iOS and core hybrid applications
- Assist in security design efforts or scoping initiatives for new features
- Demonstrate leadership in security development
- Collaborate with teams across our hybrid core architecture
- Mentor junior and new team members
- Review code for others to maintain high code quality
- Stay informed about the latest industry trends, technologies, and best practices in security development




