• Security Automation & CI/CD Integration (Core Focus): Embed security controls and scanners (SAST, SCA, DAST, IaC, Container Security) into CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI, Azure DevOps). • Design and maintain automated security workflows across build, test, and deploy stages. • Implement security gates, policy enforcement, and compliance checks within pipelines. • Cloud Security (AWS Focus): Secure cloud-native architectures across AWS (IAM, VPC, ECS/EKS, Lambda, S3, API Gateway). • Integrate and operationalize CNAPP/CSPM tools (e.g., Wiz, Prisma Cloud). • Enforce least privilege access, secrets management, and runtime protections. • Own Cloud Security: Define and maintain security policies for our AWS environment, specifically focusing on containerized workloads (EKS/ECS) and serverless architectures (Lambda). • Automate Compliance: Move beyond manual checks by building real-time monitoring and automated remediation for AWS resources, ensuring we stay 'audit-ready' for frameworks like PCI and ISO 27001. • Lead Threat Modeling: Perform deep-dive threat modeling exercises on applications and designs, turning theoretical risks into actionable engineering plans. • Innovate with AI: Develop security standards for Generative AI leveraging AI-powered tools to explore our attack surface. • Guard the Infrastructure: Secure our Infrastructure as Code (IaC) templates (Terraform/CloudFormation) and manage cloud primitives like IAM, KMS, and WAF to ensure a 'least privilege' environment.

• Design, provision, and manage AWS infrastructure using Terraform • Operate, maintain, and scale production workloads running on Kubernetes • Package, deploy, and manage applications using Helm and infrastructure automation tools • Build, operate, and improve distributed and event-driven systems • Define, monitor, and maintain Service Level Indicators (SLIs), Service Level Objectives (SLOs), and error budgets • Develop automation for deployment, scaling, monitoring, incident response, and operational workflows • Own platform observability by implementing and maintaining metrics, logging, tracing, monitoring, and alerting solutions • Lead incident response efforts, facilitate blameless postmortems, and drive long-term corrective actions • Partner with Product and Engineering teams on capacity planning, performance optimization, and resilient system design • Implement and maintain security best practices to support HIPAA, SOC 2, and other compliance requirements • Participate in an on-call rotation and provide operational support for production systems

• Collaborating with development teams for the design and implementation of robust, scalable, and secure cloud-native solutions on Azure and AWS. • Developing and maintaining infrastructure-as-code to manage and provision infrastructure across numerous Azure and AWS accounts, ensuring consistency and efficiency. • Maintaining and optimizing CI/CD automation pipelines to facilitate rapid and reliable software deployments. • Collaborating with security experts to translate organizational security requirements into secure and compliant cloud implementations. • Participate in all aspects of the software development lifecycle from user story generation, through design, development, automated testing and operational support • Improve quality by actively participating in code-reviews and adhering to team quality standards. • Own execution of small-medium sized features with higher-level technical support • You describe the details of your work fluidly and accurately to technical peers

• Scaling and maintaining our infrastructure and services using AI (Claude Code) as a first-class collaborator in your daily development workflow. • Being opinionated on technical direction and strategy (and documenting those opinions for others to be able to follow). • Leading and mentoring other engineers on the team • Owning and resolving the most complex infrastructure failures — Kubernetes scheduling edge cases, networking degradation, cross-service cascading failures, and AWS platform issues that other engineers escalate • Participating in a shared on-call rotation (roughly one week every six to eight weeks on call) • Estimating schedules, breaking tasks down to reasonable 1-3 day tasks. • Driving cloud cost efficiency by identifying over-provisioned resources, rightsizing EC2 and container workloads, and building tooling to surface cost anomalies before they compound