• Design, build, and evolve customer-facing backend services and public APIs by understanding how different Chainguard products and customer segments use shared platform capabilities, and ensuring APIs and services work well for all of them. • Own features end-to-end: from design through implementation, rollout, and iteration, in close partnership with Product Management and the Experience (front-end) team. • Create technical design documents and drive your own design plans with clarity and confidence. • Contribute to a product-driven roadmap with real deadlines and clear outcomes, helping the team prioritize tradeoffs and ship iteratively rather than waiting for “perfect.”

• Define full stack architectures for large scale systems • Drive their adoption across multiple teams • Regularly write high-quality production code • Build proofs of concept and own zero to one projects end to end • Contribute quickly across different teams and domains • Own business critical technical problems with high ambiguity • Apply machine learning to create product value • Partner with Product leadership to connect engineering roadmaps to company strategy • Raise the bar on engineering best practices and operational health • Develop senior engineers into technical leaders through mentorship

• At H1, we believe access to the best healthcare information is a basic human right. • Our mission is to provide a platform that can optimally inform every doctor interaction globally. • This promotes health equity and builds needed trust in healthcare systems. • To accomplish this our teams harness the power of data and AI-technology to unlock groundbreaking medical insights and convert those insights into action that result in optimal patient outcomes and accelerates an equitable and inclusive drug development lifecycle. • Visit h1.co to learn more about us.

• Lead architecture and design of multi-tenant BeyondTrust PAM services for MSP customers, including onboarding of new tenants and standardization of service offerings. • Architect secure privileged access workflows for infrastructure, applications, databases, cloud platforms, and network devices, aligned to least-privilege principles and regulatory requirements. • Implement and maintain BeyondTrust Password Safe and related components, including: • Discovery and onboarding of privileged accounts and systems • Password rotation policies and check-in/check-out workflows • Session brokering, recording, and real-time monitoring • Approval workflows and just-in-time (JIT) access • Implement and maintain BeyondTrust Privilege Management for endpoints and servers (Windows and Linux/Unix), including policy design, deployment, and tuning to minimize user/admin friction while enforcing least privilege. • Design and maintain highly available and secure BeyondTrust infrastructure, including clustering, scaling, upgrades, patching, and disaster recovery strategies across customer environments. • Integrate PAM with identity and security platforms, including: • Active Directory / Entra ID / LDAP and other directories for authentication and group-based access • MFA/SSO platforms using SAML/OIDC/OAuth2 • SIEM and logging platforms for monitoring and alerting on privileged activity • ServiceNow and other ITSM tools for request, approval, and ticket correlation workflows • Develop and maintain automation and tooling (e.g., PowerShell, Python, REST APIs) to: • Accelerate onboarding and lifecycle management of privileged accounts and systems • Enforce configuration standards and policies at scale • Generate reports and dashboards for compliance and operational KPIs • Lead end-to-end customer onboarding to the PAM service, including: • Requirements gathering, use case definition, and risk assessment • Designing onboarding playbooks and standard reference architectures • Coordinating with internal and customer teams to implement and validate PAM controls • Define and maintain standardized PAM policies and baselines across customer environments, including credential management, access approval patterns, session monitoring, and privileged elevation rules. • Conduct security and risk assessments of existing privileged access practices, recommend remediation plans, and track execution to closure. • Serve as subject matter expert and escalation point for PAM-related incidents and service requests, including troubleshooting BeyondTrust platform issues and complex access problems. • Collaborate with security, infrastructure, network, and application teams (internal and customer) to ensure PAM controls are aligned with broader security architecture and operational requirements. • Develop and maintain comprehensive documentation, including: • Platform architectures and configuration standards • Customer-specific runbooks and operational procedures • Onboarding and migration playbooks • Knowledge base articles and FAQs for internal and customer use • Provide mentoring and guidance to team members on PAM concepts, BeyondTrust best practices, and secure operations in a managed services context. • Communicate with customers and internal stakeholders with transparency, providing regular status updates, risk/issue visibility, and technical recommendations. • Complete training and certification as assigned to further skills and knowledge, including PAM and BeyondTrust-specific certifications where applicable. • *Other job duties as assigned