• Manages development, documentation, and presentation of information system security education, awareness, and training activities for facility management, information system personnel, users and others, as appropriate. • Oversees identification and documentation of unique local threats/vulnerabilities to information system. • Manages coordination of the facility information system security program with other facility security programs. • Oversees periodic self-inspections of the facility's information system program are conducted as part of the overall facility self-inspection program and that corrective action is taken for all identified findings and vulnerabilities. • Manages development of facility procedures to govern marking, handling, controlling, removing, transporting, sanitizing, reusing, and destroying media and equipment containing classified information. • Manages reports of information system security incidents. • Follows up to ensure that proper protection or corrective measures have been taken when an incident/vulnerability has been discovered. • Oversees implementation of vendor supplied authentication (password, account names) features or security relevant features. • Oversees implementation of security features for the detection of malicious code, viruses, and intruders (hackers), as appropriate. • Develops and implements specific and remote maintenance procedures based on requirements provided by the CSA. • Oversees selection, hiring, training, and evaluation of employees to enhance their performance, development, and work product. • Addresses performance issues and makes recommendations for personnel actions. • Motivates and rewards employees including providing salary increases, bonuses and promotions within allocated budgets and company guidelines. • Oversees preparation and recommendation of operating and personnel budgets for approval. • Monitors spending for adherence to budget, recommends variances as necessary.

• Identifies security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives. • Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools. • Provides complex engineering analysis and support for firewalls, routers, networks and operating systems. • Performs and evaluates vulnerability scans within a multi-platform, large enterprise environment. • Reacts to and initiates corrective action regarding security violations. • Oversees user access process to ensure operational integrity of the system. • Enforces the information security configuration and maintains system for issuing, protecting, changing and revoking passwords. • Develops technical and programmatic assessments and provides technical support to assess security policies, standards and guidelines. • Reviews, recommends and oversees the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.

• Design and implement the identity, access, and security foundation of the Human-Led AI Orchestration Layer • Ensure that every Action Point™, AI decision, and workflow is securely authorized, auditable, and aligned with human intent • Implement and manage authentication using Clerk across frontend and backend • Design RBAC and permission models aligned with human-led decision workflows • Implement secure session handling, JWT validation, and token lifecycles • Integrate identity flows with FastAPI (Python) backend services • Support secure authentication flows in React + TypeScript frontend applications • Ensure consistent authorization enforcement across APIs, services, agents, tools, and data access layers • Implement best practices for OAuth2, JWT, CORS, CSRF protection, and rate limiting • Harden APIs and identity boundaries for multi-tenant SaaS use cases • Document identity architecture and provide knowledge transfer to the team • Design and implement identity and permission models for AI agents, tools, and automated workflows • Define and enforce capability-based permission scopes for agents

Role Description Our client is redefining how humans govern technology. As the Identity & Security Engineer, you will design and implement the identity, access, and security foundation of the Human-Led AI Orchestration Layer. You will ensure that every Action Point™, AI decision, and workflow is securely authorized, auditable, and aligned with human intent. This role sits at the intersection of frontend, backend, and cloud security. Everything you build is expected to be revenue-ready and enterprise-grade. Key Responsibilities - Identity & Authentication - Implement and manage authentication using Clerk across frontend and backend. - Design RBAC and permission models aligned with human-led decision workflows. - Implement secure session handling, JWT validation, and token lifecycles. - Backend & Frontend Integration - Integrate identity flows with FastAPI (Python) backend services. - Support secure authentication flows in React + TypeScript frontend applications. - Ensure consistent authorization enforcement across APIs, services, agents, tools, and data access layers. - Security & Compliance - Implement best practices for OAuth2, JWT, CORS, CSRF protection, and rate limiting. - Harden APIs and identity boundaries for multi-tenant SaaS use cases. - Document identity architecture and provide knowledge transfer to the team. - Agent & AI Action Security - Design and implement identity and permission models for AI agents, tools, and automated workflows. - Define and enforce capability-based permission scopes for agents (what actions they can take, on what data, in which contexts). - Implement human-in-the-loop approval gates and policy enforcement points for sensitive or high-impact actions. - Prevent privilege escalation, cross-tenant access, and unauthorized tool or data usage by agents. - Design sandboxing and blast-radius containment strategies for semi-autonomous workflows. Qualifications - Hands-on experience implementing authentication and authorization in web applications. - Strong experience with Clerk (or equivalent identity providers). - Deep understanding of OAuth2, JWT, and session management. - Experience with FastAPI (Python) backend systems. - Frontend integration experience with React + TypeScript. - Strong security fundamentals and threat-model awareness. - Proficiency with Git and remote collaboration. Preferred Qualifications - Experience with Azure deployments and DevOps workflows. - Familiarity with Infrastructure-as-Code. - Experience implementing RBAC in multi-tenant SaaS platforms. - Background securing workflow or decision-support systems. Benefits - Flexible work structure of 20–40 hours per week, depending on role scope and workload. - Outcome-driven role, not hour-tracked. - Compensation provided as a fixed monthly stipend, aligned to responsibilities and expected ownership. - Stipend remains consistent as long as commitments are met and performance remains strong. - Environment requires clear ownership and follow-through, proactive communication, and consistent, high-quality delivery. - Flexibility is paired with accountability—team members are trusted to manage their time while ensuring outcomes, team continuity, and customer commitments are fully upheld.