• Define, drive, and execute product strategy and roadmap for cybersecurity and control platforms • Translate enterprise risk priorities, threat scenarios, and regulatory requirements into product capabilities and control solutions • Ensure alignment between product outcomes, risk reduction, and business resilience objectives • Act as the voice of the customer, representing the needs of control owners, engineers, risk partners, and business stakeholders • Engage in continuous discovery, test-and-learn, and feedback loops to validate assumptions and refine product direction • Build strong partnerships across Product Security, Cyber Operations, Technology Risk, and engineering teams • Decompose complex problems into manageable work items and maintain a prioritized product backlog • Lead iterative, outcome-based delivery using agile and test-and-learn methodologies • Provide clear direction, timely feedback, and alignment across cross-functional teams • Ensure controls are designed with clear linkage to risk scenarios, exposure conditions, and business outcomes • Enable standardized control onboarding, lifecycle management, and adoption across domains • Define and manage KPIs to measure control effectiveness, risk reduction, and product adoption

• Design and maintain SAP authorization architecture • Design and maintain SAP Fiori security architecture • Ensure proper authorization design for SAP Fiori and related services • Establish security standards across SAP modules • Ensure SAP security architecture supports MP Materials’ SAP S/4HANA Private Cloud environment • Provide security guidance for SAP integrations, enhancements, and custom development • Define and maintain the long-term SAP security strategy and roadmap • Own and maintain the SAP Segregation of Duties (SoD) framework • Identify and remediate access risks and control gaps • Support internal and external audit activities • Administer and continuously improve SAP GRC Access Control • Establish scalable processes for access requests and approvals • Manage privileged access governance and SAP GRC Emergency Access Management processes • Improve automation and governance of SAP access lifecycle management processes • Partner with infrastructure and cybersecurity teams to ensure SAP security aligns with enterprise security standards • Serve as the SAP security subject matter expert within the SAP Center of Excellence.

• Develop, test, and maintain secure web applications. • Write clean, scalable, and security-focused code. • Build and maintain APIs, backend services, and frontend features. • Identify and resolve security vulnerabilities in applications. • Apply secure coding standards and best practices. • Support secure API development, authentication, and authorization. • Work with WebSockets and real-time application features. • Collaborate with development, product, and security teams. • Participate in code reviews, security reviews, and technical discussions. • Support deployment, configuration, and system hardening. • Prepare technical and security-related documentation when needed

• Design, build, review, and ship features powering Operant's products alongside the rest of the engineering team. • Own significant systems or components end-to-end — architecture, implementation, testing, deployment, operation. • Raise the technical bar through code review and contribute to architectural decisions on shared core systems. • Provide live debugging and engineering depth for strategic APAC customers during their business hours. • Participate in the engineering on-call rotation, with primary responsibility for customer-facing issues during APAC hours. • Ship contained fixes and small features independently; coordinate with US engineering on anything architectural or cross-cutting. • Make the call on what gets escalated to the US team overnight vs. waits for morning, and produce comprehensive async handoffs when escalating. • Partner with the APAC Customer Success Team as their L2/L3 escalation path and technical partner. • Join key deployment milestones, architecture reviews, and QBRs/EBRs when product depth is required. • Translate field observations into product improvements; validate feasibility of regional feature requests and present synthesized feedback in the monthly product review. • Operate with autonomy across a 12–14 hour gap from the US team, with disciplined async communication. • Available during overlapping hours with Pacific Standard Time (PST) for global engineering meetings and synchronous work with US-based leadership.