Job Closed
This listing is no longer active.
Intelligence-led, precision-fit cybersecurity.
Cybersecurity Advisor II
Location
United States
Posted
3 days ago
Salary
$120K - $160K / year
Seniority
Senior
Job Description
Apollo Information Systems
- Serve as a trusted advisor to client stakeholders, helping define and advance cybersecurity strategy across multi-month and multi-year engagements.
- Develop prioritized, business-aware security roadmaps that mature client posture over time.
- Advise on governance, risk, and compliance — aligning programs to frameworks such as NIST CSF 2.0, CIS Controls, ISO 27001, CMMC, HIPAA, or PCI DSS.
- Translate technical risk into clear business language for executives and boards.
- Own the advisory relationship for assigned clients, driving cadence, measurable progress, and demonstrable risk reduction.
- Partner with assessors and engineers to ground recommendations in technical reality and validate remediation.
- Guide clients through security program development — policy, process, architecture direction, and tooling strategy.
- Support incident readiness, tabletop exercises, and post-incident program improvement as needed.
- Contribute to the maturation of Apollo’s advisory methodology, frameworks, and deliverable templates.
- Mentor junior team members and share knowledge across the practice.
- Stay current with emerging threats, regulatory change, and the evolving security technology landscape.
Job Requirements
- Cybersecurity experience, including client-facing advisory, consulting, or security leadership
- Demonstrated ability to develop and communicate cybersecurity strategy and roadmaps to executive audiences.
- Deep working knowledge of one or more major frameworks (NIST CSF, CIS Controls, ISO 27001, CMMC) and how to operationalize them.
- Strong understanding of security architecture, controls, and risk across on-premises and cloud environments.
- Exceptional written and verbal communication; able to lead executive and board-level conversations.
- Experience managing long-term client relationships and multiple concurrent engagements.
- Preferred: Senior certifications such as CISSP, CISM, CCSP, or CISA.
- Prior vCISO, security manager, or security architect experience.
- Experience in regulated industries or the public sector.
- Familiarity with cloud security across Azure, AWS, GCP, and M365.
Benefits
- Comprehensive medical, dental, and vision coverage; the company covers 100% of employee premiums and 90% of dependent premiums on base plans
- Unlimited PTO, 7 paid sick days, and 11 paid holidays
- 401(k) with 4% company match after 90 days, immediately vested
- Company‑paid life insurance at 1x annual salary
- Company‑paid Short‑Term Disability (STD) and Long‑Term Disability (LTD) coverage
- $125 monthly home‑office tech stipend for internet, equipment, and other technology needs
- Amazing colleagues, a collaborative environment, and a supportive, growth‑focused culture
More Security Engineer Jobs
- Be the link between Information Security (IS) and the business.
- Serve as the dedicated and ongoing Information Security point of contact for Product and Engineering squads.
- Actively participate in team ceremonies, planning sessions and product reviews — not as an occasional guest, but as a relevant member of the conversation.
- Translate security requirements into language and context that make sense for development teams, product managers (PMs) and product leaders.
- Identify, assess, and communicate security risks clearly to non-technical stakeholders.
- Build and track risk treatment plans with the areas, prioritizing based on real business impact.
- Ensure Product and Engineering teams understand the risks they are assuming with each decision — and that those choices are made consciously.
- Act as a facilitator between squads and the IAM team for access provisioning and reviews — removing friction while maintaining necessary controls.
- Support teams in incorporating security practices throughout the development lifecycle (security by design, threat modeling, architecture reviews).
- Act as a guide on compliance and Information Security policies, with a pragmatic view of the real needs of those building the products.
- Foster a security culture that is perceived as an enabler, not an obstacle.
- Promote continuous, contextualized security awareness for Product and Engineering teams.
- Identify recurring risk patterns and propose systemic improvements, not just ad-hoc fixes.
Security & Compliance Engineer
Grant Street Group
Grant Street Group specializes in cloud-based government solutions for tax collection, e-payments, and auctions.
- Support the day-to-day security posture of systems and services across cloud and on-prem environments.
- Review vulnerability findings from scanners, penetration tests, and other assessments, and help drive remediation to closure.
- Partner with infrastructure, platform, and engineering teams on secure configuration, access control, logging, monitoring, and incident readiness.
- Support compliance and assessment activities related to GovRAMP/FedRAMP, PCI DSS, internal reviews, and third-party examinations.
- Use AWS security tooling effectively, support day-to-day security processes, and help translate security and compliance requirements into practical, durable operational outcomes.
- Maintain documentation, procedures, and other operational artifacts so they stay aligned with the environment and current control expectations.
Security and Compliance Consultant
Planet Technologies
For 24 years, we have built our reputation on establishing trust. Trust with our clients and among our team.
- Serve as a primary technical lead on client engagements involving Microsoft security, compliance, and data protection solutions
- Design and implement data security, governance, and compliance strategies aligned with Microsoft 365 and Azure capabilities
- Advise clients on secure adoption of Microsoft Copilot, including data exposure risks, governance controls, and compliance considerations
- Architect and deploy solutions leveraging tools such as: Microsoft Purview, Microsoft Defender suite and Microsoft Sentinel
- Translate regulatory and compliance requirements into actionable technical solutions (e.g., ISO frameworks, government regulations, internal controls)
- Conduct data discovery, classification, and protection strategy design
- Collaborate with project managers and stakeholders to deliver high-quality outcomes
- Contribute to pre-sales efforts, including solution design, scoping, and level-of-effort estimates
- Create technical documentation, implementation guides, and client training materials
- Act as a subject matter expert (SME) and mentor to other engineers
- Develop and refine repeatable offerings around data security, compliance, and Copilot readiness
- Stay current on evolving Microsoft security, compliance, and AI governance capabilities
- Define, analyze, and review secure software architectures for centralized automotive computing platforms
- Perform threat modeling and security architecture analysis for mixed-criticality, multi-tenant automotive software systems
- Partner with safety architects to reason about the interaction between security controls, safety mechanisms, failure modes, and recovery behavior
- Define OS security policy, access control, isolation, and privilege models across Android, Linux, QNX, and virtualized environments
- Build security systems that maintain integrity and availability for safety-critical vehicle software
- Analyze security trade-offs involving performance, latency, memory footprint, boot time, diagnosability, and functional safety requirements
- Guide engineering teams on secure build, secure coding, threat mitigation, and security review practices
- Collaborate across software, hardware, safety, security, and systems teams to meet NVIDIA and automotive industry standards




