• Review and refine AI-generated outputs related to security architecture, cyber risk assessments, mitigation strategies, and practical aspects of security design • Evaluate AI responses for accuracy, practicality, and compliance with real-world security requirements • Draft realistic security architecture scenarios based on your direct professional experience • Create scenario variations from different perspectives (e.g. security architect, client, IT leader, or regulator) • Identify gaps, oversights, or weak reasoning in AI-generated security content

• Validate incoming security findings from the broader research community using code analysis tooling or other industry standard pentesting tooling e.g. burpsuite. • Work with engineering teams to remediate valid findings in our codebase (product). Respond to security researchers, help with public disclosure. • Build or improve upon new automated workflows and tooling, leveraging LLMs for vulnerability triage, validation, remediation in any of rust, golang, python, etc.

• Design and maintain secure network and infrastructure architecture; • Configure and manage firewalls, VPNs, access controls, and network segmentation; • Secure servers, cloud resources, containers, and virtual machines; • Secure employee workstations and enforce security baselines; • Monitor endpoints and infrastructure for suspicious activity; • Collect, analyze, and correlate security logs; • Detect, investigate, and respond to security incidents; • Perform vulnerability analysis, risk assessment, and remediation; • Conduct system and network hardening; • Develop and deliver internal security trainings and awareness sessions; • Manage and maintain security training platforms and learning content; • Organize phishing simulations and awareness campaigns; • Collaborate with IT, DevOps, Infrastructure, and HR teams; • Complete and review clients security questionnaires and security assessment forms to demonstrate the company’s security posture; • Participate in security and compliance calls with client information security specialists and stakeholders. **Monitoring & Incident Response:** - Set up and maintain security monitoring and alerting; - Investigate anomalies and security incidents; - Perform root-cause analysis and post-incident reviews; - Improve detection, response, and prevention processes. **Security Awareness & Training:** - Plan and deliver security awareness programs; - Manage training platforms and user enrollment; - Track training completion and effectiveness; - Continuously improve training materials based on incidents and risks.

• Define, drive, and execute product strategy and roadmap for cybersecurity and control platforms • Translate enterprise risk priorities, threat scenarios, and regulatory requirements into product capabilities and control solutions • Ensure alignment between product outcomes, risk reduction, and business resilience objectives • Act as the voice of the customer, representing the needs of control owners, engineers, risk partners, and business stakeholders • Engage in continuous discovery, test-and-learn, and feedback loops to validate assumptions and refine product direction • Build strong partnerships across Product Security, Cyber Operations, Technology Risk, and engineering teams • Decompose complex problems into manageable work items and maintain a prioritized product backlog • Lead iterative, outcome-based delivery using agile and test-and-learn methodologies • Provide clear direction, timely feedback, and alignment across cross-functional teams • Ensure controls are designed with clear linkage to risk scenarios, exposure conditions, and business outcomes • Enable standardized control onboarding, lifecycle management, and adoption across domains • Define and manage KPIs to measure control effectiveness, risk reduction, and product adoption