• Evaluate vulnerability reports submitted by security researchers to determine validity, severity, exploitability, and business impact for HackerOne customers using Data-Driven Decision Making and established security frameworks such as CVSS. • Independently reproduce reported vulnerabilities across web and mobile applications, applying First Principles Problem Solving to validate findings, identify root causes, and clearly communicate impact. • Collaborate directly with security researchers to gather missing information, clarify technical details, and improve report quality while maintaining clear and professional communication with customers. • Create concise, technically accurate summaries for validated findings, including reproduction steps, impact analysis, and remediation guidance. • Demonstrate Change Agility by adapting to evolving customer environments, changing program scopes, emerging attack techniques, and shifting operational priorities. • Contribute to an AI-First approach by leveraging automation and AI-enabled workflows to improve operational efficiency, report analysis, and vulnerability triage quality. • Partner cross-functionally with Technical Services teammates and customer-facing teams to ensure timely handling of vulnerabilities and a high-quality customer experience. • Proactively identify opportunities to improve internal processes, documentation, tooling, and triage workflows to enhance scalability and consistency across the Technical Services organization.

• Leverage various security tools to perform monitoring and analysis of security events/data to identify security risks and threats on customer networks. • Utilize cyber hunt techniques to discover violations or threats. • Implement, administer, and use cybersecurity tools, systems and applications; develop policies, standards, and guidelines to ensure secure enterprise-wise operations, performance and resiliency. • Deploy and secure security systems, application layer and traditional firewalls, vulnerability management and forensics utilities, and other infrastructure deployed and maintained by the Information Security Office. • Develop plans to safeguard information against unauthorized access modification, and destruction, and ensure organizational continuity of operations. • Work with SIEM solutions such as Splunk and others to perform investigation and triage of incidents. • Working with your team and broader True Zero community to stay up to date on the latest security trends and threats to improve the effectiveness of security programs for our customers. • Following processes and procedures and providing refinement suggestions for them. • Performing detailed documentation efforts to report on all investigative steps performed and coordinating with external teams/personnel.

• Monitor and respond to information security issues across systems and business workflows to ensure security controls are effective and operating as intended. • Administer, manage, and maintain security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), content filtering solutions, endpoint protection platforms, and other security controls. • Utilize and manage security tools such as SIEM platforms, vulnerability scanners, forensic tools, and threat monitoring solutions to identify, assess, and respond to security risks and incidents. • Enforce security policies and procedures by administering security profiles, reviewing security violation reports, investigating exceptions, and maintaining documentation of security controls. • Coordinate and support incident response activities, including investigation, containment, remediation, recovery, and reporting. • Partner with IT, Legal, Compliance, and other stakeholders to identify and manage security vulnerabilities and risk exposures. • Assist in the development, implementation, and maintenance of security policies, standards, and procedures, including authentication controls, security monitoring, incident escalation, auditing, encryption, and firewall management. • Develop, deliver, and maintain security awareness and training programs to promote a strong security culture. • Conduct ongoing security research to stay informed of emerging threats, vulnerabilities, technologies, and industry best practices. • Participate in the evaluation and implementation of security products, technologies, and processes to improve organizational security, efficiency, and effectiveness. • Support internal and external audits, risk assessments, and compliance initiatives as required.

• Design, implement, and manage secure LAN/WAN network architectures for enterprise and MSP clients. • Conduct firewall audits, vulnerability assessments, and infrastructure hardening across client environments (Cisco ASA, FTD, Fortinet, SonicWall). • Perform real-time security monitoring using SIEM tools and respond to alerts and incidents proactively. • Manage and troubleshoot Next-Generation Firewall (NGFW) devices and enforce security policies. • Oversee client onboarding and offboarding processes including system configuration, access provisioning/decommissioning, and documentation handover. • Configure and support cloud platforms including Microsoft Azure, AWS, and Google Cloud Platform for client security posture. • Administer Microsoft 365 environments — user provisioning, Exchange Online, licensing, and security configurations. • Deploy and manage monitoring and security tools such as SolarWinds, Nagios XI, Auvik, Cisco OpenDNS, Datto RMM, NinjaOne, and Dark Web Monitoring. • Configure Layer 2/3 networking including VLANs, STP, OSPF, EIGRP, BGP, QoS, IPSec VPNs, and MPLS. • Implement AAA, MFA, IDS/IPS, and RADIUS solutions to secure network access. • Contribute to ISO 27001 compliance initiatives and maintain ITIL-aligned change management processes. • Design and document disaster recovery plans for network and server infrastructure. • Manage Microsoft Server environments (AD, DNS, DHCP, RDS) and virtualization platforms. • Produce detailed technical reports and ensure compliance with contractual and regulatory requirements.