• Provide operational support and lifecycle management for security infrastructure and work within security programs, policies, and procedures • Participate in 24/7 on-call rotation and special events to support critical security services • Perform work and configuration changes during overnight maintenance windows • Support critical investigations and incident response • Provide a major contribution or a leading role in assigned portfolios while continuing to learn and contribute to other technology areas • Participate in risk assessments and conduct compliance checks • Collaborate with industry-leading vendors like Radware, Trend Micro, Netscout, Palo Alto, Juniper • Drive continuous improvement of our security posture with the help of automation and monitoring teams

• Build and operate Tanium Cloud's detection and response engineering in Azure, AWS, and Kubernetes for detections, analysis, and responses as automation as code using DevOps methodologies • Continuously evaluate and enhance the design and effectiveness of Cloud and Kubernetes security measures and establish an ongoing program to advance security and close gaps in our defensive posture. • Proactively characterize unauthorized activity and malicious behaviors in our cloud and container infrastructure and systems through code, testing, and automation • Develop tailored detection policies, perform testing, and implement automation to observe, evaluate, enhance, and review security information using SecDataOps and best practices. • Proactively integrate the latest security threats, vulnerabilities, and industry trends to enhance security detection measures and generate intelligence driven hunts. • Work together with the engineering, IT, and other security groups to create solutions that are expandable and adaptable to protect Tanium Cloud against threats ranging from low-level actors to national cyber-threat agents. • Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team's work • Be on periodic on-call for triage of critical events from detections and systems

• Support a large-scale Security Development Lifecycle (SDL) program spanning thousands of engineering teams. • Conduct audits of technical security controls and validate secure development practices. • Develop automation to improve security oversight and support SDL program.

• Develop and maintain automated systems for large-scale malware processing, unpacking, and indicator extraction. • Identify and solve problems and areas of improvement in analysis workflows, processes, and automated systems. • Plan and execute development of frontend and backend systems in the context of cyber security, cyber threat intelligence, and large-scale malware processing while balancing pragmatic short-term solutions with long-term strategies and vision.