• Monitor security systems and respond promptly to security incidents • Conduct regular security assessments and audits • Assist in the implementation and maintenance of security tools and technologies • Analyze security breaches to determine root causes and recommend corrective actions • Stay up to date with the latest cybersecurity trends, threats and technologies • Collaborate with senior analysts and team members to enhance overall cybersecurity posture • Prepare reports and documentation for internal and external stakeholders

• Develop and/or update Power BI dashboards to support contingency management; • Manage training related to contingency and emergency response; • Support the planning and monitor simulated exercises at Operational Units; • Propose actions to enhance leadership knowledge and capabilities; • Monitor implementation of contingency recommendations; • Support development and/or review of Emergency Response Plans; • Advise on preparedness and emergency response matters; • Support the review of procedures and standards related to contingency management; • Deliver presentations on contingency topics; • Monitor internal and external audits; • Assist with data entry into internal systems; • Train staff on accessing systems related to contingency.

• Lead secure design efforts. Partner with engineering teams on secure design and code reviews. Identify and prioritize risks early in the product lifecycle. • Build secure by default systems. Develop paved paths that systemically reduce risk and make secure development the easiest path for engineers. • Perform offensive security testing. Conduct penetration tests and code audits on new and existing products from an adversarial lens. • Improve our security tooling. Integrate and improve our static analysis, supply chain security, and vulnerability management capabilities across engineering pipelines. • Operate our responsible disclosure program. Run and improve our program by furthering automation, validating submissions, and coordinating remediation. • Improve our products. Write and ship code to remediate vulnerabilities in production systems and improve the security posture of WorkOS products. • Work directly with customers. Help build our customers' trust by directly engaging with their security-related questions and concerns.

• Lead security architecture and assessment reviews for cloud-native and hybrid solutions • Validate solution designs against industry frameworks such as National Institute of Standards and Technology (NIST CSF), Center for Internet Security (CIS Benchmarks), and Cloud Security Alliance (CSA CCM) • Conduct cloud penetration testing following CREST and CHECK methodologies • Validate Infrastructure as Code (IaC) security controls and CI/CD pipeline security • Lead compliance assessments including ISO 27017, ISO 27018, SOC 2, GDPR, NIS2, and DORA • Assess cloud governance frameworks and Cloud Security Posture Management (CSPM) implementations • Coordinate cloud security audits with internal and external stakeholders • Assess cloud IAM architectures and privileged access management controls • Validate encryption standards, key management processes, and data residency controls • Review SSO, MFA, and least-privilege implementations