• Own APF Core Services: Build and harden the Runtime Policy Verifier, signed policy bundle verification, trust-root handling, freshness, rollback protection, subject binding to attested runtime context, revocation checks, and authorization APIs used by APF-compatible enforcement points. • Design Policy Projection: Implement deterministic projections from the canonical APF policy into OpenShell-native runtime policy, adapter constraints, credential constraints, audit requirements, and model-visible tool hints, while preserving the atomic projection-admission contract. • Build Conformance and Verification: Create golden fixtures, compatibility tests, negative tests, fuzz/property tests, and conformance suites that prove APF-compatible runtimes and adapters honor the same contract. • Collaborate with Runtime Owners: Engage alongside OpenShell and Infrastructure engineers on public runtime interfaces for projection consumption, runtime context attestation, approved adapter paths, direct egress verification, and admission/rejection semantics. • Land the Runtime integration surfaces. Own the cross-team work with OpenShell and other runtime owners to land public substrate interfaces APF composes against — runtime-context attestation, approved adapter path declaration, projection acceptance and rejection semantics, quarantine, and stop-session hooks. Land each as a public RFC or PR. • Drive Architecture Maturity: Define versioning, schema compatibility, latency budgets, availability behavior, fail-closed defaults, last-known-good policy handling, and engineering review artifacts for Product Security, Fleet, Identity, and partner teams. Evolve technical specifications. Write specifications, defend bounded claims in security and architecture reviews, drive open-decision resolution, and turn working-draft contracts into engineering artifacts that Product Security, Fleet, Identity, and partner runtimes can adopt.

• Serve as one of the owners for application and database performance. Review pull requests with an eye for query cost, indexing, and data access patterns, and drive improvements across the codebase. • Own external API integrations and data exchange. Build and maintain reliable partner connectors, including authentication, rate limiting, and retries. Design and evolve internal and partner-facing APIs. • Design and ship backend features and services in Python and Django with predictable latency and high reliability. • Diagnose production issues, lead debugging sessions, and improve observability using logs, metrics, and traces. • Proactively identify performance risks, create plans to eliminate them, and coach the team on best practices to prevent regressions. • Maintain strong automated test coverage and clear documentation that support safe changes and fast delivery. • Mentor engineers through pairing, design reviews, and actionable feedback that raises the standard of the team. • Contribute to architectural discussions and solutioning to ensure scalable and effective product decisions.

• Design and build full-stack features across the integration ecosystem — from React/Next.js frontend experiences to Python and Go backend services that connect Rewst to third-party platforms • Develop and maintain connector infrastructure, API integrations, and data synchronization pipelines that MSPs depend on daily • Take an AI-first approach to development — using LLM assistants as core tools for coding, debugging, code review, and documentation, and contributing to AI-powered features built on AWS Bedrock with Claude models • Implement GraphQL queries, mutations, and backend resolvers using Apollo Client and our Go/Python API layers, working across the full request lifecycle • Write automated tests (unit, integration, and component) as part of a test-driven development workflow, ensuring connector reliability across a broad integration surface • Participate in code review, give and receive feedback on stacked diffs, and help raise the quality bar across the codebase • Collaborate closely with Product Managers, Designers, and partner-facing teams on integration design, acceptance criteria, and edge case handling — shipping ecosystem features that are robust, not just functional

• Build and evolve the agent harness and orchestration that turns an LLM into a reliable autonomous pentester, the loop that reasons over an application, forms attack hypotheses, acts, and verifies results. • Design the tools and tool-shaped feedback the agent uses to probe and exploit, and the structured-output and validation layers that keep it reliable (e.g., hook-enforced mandatory validation, schema-constrained outputs). • Translate the team's offensive expertise into repeatable agent capabilities — partnering directly with our attackers to encode how they think into something the agent can do consistently. • Own and grow our evaluation infrastructure: benchmark suites, a failure-mode taxonomy across the pipeline (discovery → hypothesis → exploitation → verification), and regression detection, so we actually know whether the agent is getting better. • Manage LLM inference in production: model selection, prompt and context engineering, and keeping cost and latency under control (we run on AWS Bedrock with centralized cost tracking). • Hold the line on production-safety and no-false-positives, every finding the agent reports has to be real and reproducible.