• Design comprehensive identity and AI access solutions that scale with our business growth, from AI agent governance frameworks to privileged access workflows that eliminate standing access through just-in-time provisioning • Lead identity and access engineering for our enterprise AI platforms including administration, SSO and SCIM integration, audit logging, data controls, and policy enforcement for Claude (web, Claude Code, Cowork) and adjacent tools • Codify our identity platforms in Terraform, leading the migration of Okta, Lumos, and our NHI platform from click-ops to peer-reviewed infrastructure-as-code, with a focus on global critical policies • Refactor our authentication framework to implement advanced conditional access controls such as device trust, location-based policies, risk-based step-up authentication, and behavioral analytics across our entire SaaS ecosystem • Pioneer non-human identity governance by designing monitoring and management solutions for service accounts, API keys, certificates, AI agents, and MCP integrations, and leading deployment, integration, and operationalization of our NHI platform across the SaaS estate • Drive cross-functional initiatives with Security, IT, Engineering, Enterprise AI, and the Office of the CIO to extract requirements from ambiguous business needs and translate them into actionable technical specifications • Mentor senior and intermediate engineers on technical implementation and strategic thinking, helping them develop expertise in modern identity and AI security practices

• Build and maintain strong relationships with AWS account teams, technical teams, and partner contacts to drive co-sell and joint GTM opportunities • Enable AWS teams to prospect and sell with Upwind, representing our solutions effectively to their customers • Train and support Upwind’s sales organization on working with AWS for co-sell, marketplace, and partner programs • Track and report on co-sell activity, joint pipeline, and partner-influenced deals, providing actionable insights to leadership • Collaborate with internal sales, marketing, and solutions engineering teams to execute joint campaigns, co-branded programs, and GTM initiatives • Support AWS Marketplace activities, including private offers, deal registration, and partner funding programs • Manage a large number of contacts and programs, ensuring organized and timely follow-up

Role Description The Security Engineer is responsible for supporting the engineering, implementation, and optimization of the security technologies, telemetry integrations, detection content, and automation capabilities that enable effective enterprise security monitoring and incident response operations. This role works closely with the SOC analysts, enterprise IT teams, and platform owners to ensure the reliability, scalability, and operational effectiveness of enterprise security monitoring capabilities. The Security Engineer will contribute to the continuous improvement of SOC technologies, detection engineering, and automation initiatives that strengthen the organization’s cybersecurity posture. - Security Platform Administration: Support the operation, maintenance, and optimization of SOC security platforms including SIEM, EDR, and related monitoring technologies. - Security Telemetry Integration: Configure and maintain telemetry integrations to ensure enterprise visibility across infrastructure, cloud, identity, and endpoint platforms. - Detection Engineering: Develop, tune, and maintain detection rules, alerts, and correlation logic to improve threat detection capabilities and reduce false positives. - SIEM Data Management: Monitor SIEM performance, data ingestion pipelines, and log normalization processes to ensure reliable and accurate data collection. - Security Automation Support: Implement and maintain automation and orchestration workflows to improve SOC operational efficiency and investigation response times. - Investigation Support: Provide technical support and expertise to SOC analysts during security investigations, threat hunting, and incident response activities. - Platform Integration: Collaborate with enterprise IT, cloud, and infrastructure teams to onboard new systems and services into the SOC monitoring environment. - Operational Monitoring: Monitor the health, reliability, and performance of security monitoring infrastructure and telemetry pipelines. - Technical Documentation: Maintain documentation related to detection logic, engineering procedures, telemetry integrations, and SOC platform configurations. - Continuous Improvement: Identify opportunities to enhance monitoring coverage, improve detection quality, and optimize engineering workflows within the SOC. Qualifications - Experience: Minimum of 3–5 years of cybersecurity or security engineering experience supporting enterprise security operations environments. - Security Engineering Experience: Hands-on experience supporting enterprise security monitoring technologies including SIEM, EDR, and log management platforms. - Detection Engineering Knowledge: Experience creating, tuning, and maintaining detection content and alerting logic. - Security Telemetry Experience: Familiarity with log collection, normalization, and telemetry integration across enterprise environments. - Security Automation Experience: Experience implementing or supporting automation workflows within SOC or incident response operations. - Enterprise Security Knowledge: Strong understanding of enterprise infrastructure, cloud environments, identity systems, and network security monitoring. - Security Framework Knowledge: Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO 27001. Requirements - Able and willing to obtain a US Security Clearance. - On-Call Support: Participates in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability. Physical Demands - While performing the duties of this job, the employee is regularly required to sit at a desk and use a computer for extended periods. - The position is generally sedentary but may require walking or standing for brief periods of time. - Employee may occasionally be required to move, carry, push, pull and/or lift objects up to 10 pounds. Work Environment - Job is performed in an office place setting. - The noise level in the work environment is generally very low with minimal background noise. - Comfortable climate control and adequate lighting.

Role Description The Senior Security Engineer is responsible for supporting the engineering, implementation, and optimization of the security technologies, telemetry integrations, detection content, and automation capabilities that enable effective enterprise security monitoring and incident response operations. This role works closely with the Security Engineering Manager, SOC analysts, enterprise IT teams, and platform owners to ensure the reliability, scalability, and operational effectiveness of enterprise security monitoring capabilities. The Senior Security Engineer will contribute to the continuous improvement of SOC technologies, detection engineering, and automation initiatives that strengthen the organization’s cybersecurity posture. Responsibilities - Security Platform Administration: Support the operation, maintenance, and optimization of SOC security platforms including SIEM, EDR, and related monitoring technologies. - Security Telemetry Integration: Configure and maintain telemetry integrations to ensure enterprise visibility across infrastructure, cloud, identity, and endpoint platforms. - Detection Engineering: Develop, tune, and maintain detection rules, alerts, and correlation logic to improve threat detection capabilities and reduce false positives. - SIEM Data Management: Monitor SIEM performance, data ingestion pipelines, and log normalization processes to ensure reliable and accurate data collection. - Security Automation Support: Implement and maintain automation and orchestration workflows to improve SOC operational efficiency and investigation response times. - Investigation Support: Provide technical support and expertise to SOC analysts during security investigations, threat hunting, and incident response activities. - Platform Integration: Collaborate with enterprise IT, cloud, and infrastructure teams to onboard new systems and services into the SOC monitoring environment. - Operational Monitoring: Monitor the health, reliability, and performance of security monitoring infrastructure and telemetry pipelines. - Technical Documentation: Maintain documentation related to detection logic, engineering procedures, telemetry integrations, and SOC platform configurations. - Continuous Improvement: Identify opportunities to enhance monitoring coverage, improve detection quality, and optimize engineering workflows within the SOC. Qualifications - Experience: Minimum of 5–8 years of cybersecurity or security engineering experience supporting enterprise security operations environments. - Security Engineering Experience: Hands-on experience supporting enterprise security monitoring technologies including SIEM, EDR, and log management platforms. - Detection Engineering Knowledge: Experience creating, tuning, and maintaining detection content and alerting logic. - Security Telemetry Experience: Familiarity with log collection, normalization, and telemetry integration across enterprise environments. - Security Automation Experience: Experience implementing or supporting automation workflows within SOC or incident response operations. - Enterprise Security Knowledge: Strong understanding of enterprise infrastructure, cloud environments, identity systems, and network security monitoring. - Security Framework Knowledge: Familiarity with cybersecurity frameworks such as NIST Cybersecurity Framework, CIS Critical Security Controls, and ISO 27001. Requirements - Able and willing to obtain a US Security Clearance. - On-Call Support: Participates in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability. Physical Demands - While performing the duties of this job, the employee is regularly required to sit at a desk and use a computer for extended periods. - The position is generally sedentary but may require walking or standing for brief periods of time. - Employee may occasionally be required to move, carry, push, pull and/or lift objects up to 10 pounds. Work Environment - Job is performed in an office place setting. - The noise level in the work environment is generally very low with minimal background noise. - Comfortable climate control and adequate lighting.