**What You’ll Be Doing: ** • Strategic Advisory: Act as a lead consultant for enterprise customers, moving beyond tool configuration to advising on global web application security strategies and DevSecOps maturity. • Program Architecture: Guide customers in integrating ASPM, DAST, SAST, and SCA into complex CI/CD workflows (GitHub, GitLab, Jenkins, ADO) at an enterprise scale. • Thought Leadership: Act as an internal Subject Matter Expert for the consulting organization, refining our playbooks and guiding technical standards for AppSec, API security and cloud-native testing. • Technical Excellence: Resolve the most complex DAST rollout challenges, including authentication hurdles and scan accuracy in unique, abstract customer environments.

• Support security automation and Identity & Access Management (IAM) initiatives. • Implement, integrate, and operationalize security technologies while developing automation and integration among enterprise security tools. • Work closely with IT and security teams to design, deploy, and maintain secure systems. • Play a critical role in enhancing enterprise security posture, mitigating threats, and ensuring compliance with applicable security frameworks. • Ensure consistent application of security measures across business applications and infrastructure. • Conduct security monitoring, SIEM analysis, and reporting.

• Author and maintain detection rules across SenseOn's dual-engine architecture: • Real-time streaming detections evaluated in milliseconds, written as YAML compiled to binary rulesets • Batch behavioral detections backed by parameterised ClickHouse SQL, running on a seconds-to-minutes cadence • Write aggregations and materialised views in ClickHouse that power statistical anomaly baselines • Build and extend our hunting query library. MITRE-mapped ClickHouse queries that analysts use daily for threat hunting • Map every rule precisely to MITRE ATT&CK techniques and tactics, including subtechnique granularity • Instrument your own rules: measure false positive rates, define confidence scores, build test datasets, and own the quality of what ships • Tune detections against real-world telemetry. Understanding why a rule fires is as important as making it fire • Extend our existing LLM driven rule writing engine to have much wider coverage • Design and build pipelines where LLMs can propose detection rules from threat intelligence, CVE disclosures, or analyst hunt findings, with structured output, YAML validation, and human-in-the-loop approval gates • Build feedback loops: when a detection fires or produces a false positive, that signal should flow back to improve future AI-generated rules • Define the prompt engineering and evaluation harness for detection generation. Pass@k metrics, FP/TP scoring, MITRE alignment validation • Work with engineering to make the detection data model AI-legible: schemas, annotations, and context structures that LLMs can reason over reliably • Think about our hunting interface: how does an analyst describe a threat in natural language and get a validated ClickHouse query back?

• Develop and implement the organization's information security strategy. • Provide regular security updates to the CIO, other executives, and the board of directors, including presentations on security matters. • Represent the organization in security-related matters with external parties, including vendors and auditors. • Work closely with the CIO and operate as a member of the DevOps team to emphasize and implement security initiatives. • Conduct regular risk assessments and vulnerability scans using tools like Rapid7 IVM and internal tracking systems. • Oversee the development and implementation of incident response plans and conduct tabletop exercises with DevOps team members. • Ensure compliance with relevant regulations and standards, including HITRUST, NIST, DirectTrust, HIPAA, SOC 2 (Type II), ISO. • Manage internal and external security audits, including evidence collection and preparation. • Develop, review, and update information security policies and procedures, including the Vulnerability and Patch Management Procedure and Data Center Access Procedure. • Participate in the day-to-day operations of the security team and manage security tools and technologies, including Check Point, SentinelOne, and intrusion detection systems. • Lead and mentor the security team, reviewing tasks and responsibilities working closely with the DevOps team members. • Evaluate and manage security vendors, including VDA Labs, KnowBe4, and perform vendor audits.