- Own end-to-end security posture for institutional products.
- Perform threat models, secure design reviews, and incident response.
- Partner with engineering on backend systems and cryptographic protocol reviews.
- Build application security program (SDLC, code review, dependency scanning, secrets management).
- Operate vulnerability management, penetration testing, and bug bounty programs.
- Manage incident response, including runbooks and on-call rotation.
- Lead compliance programs (SOC 2 Type II) and establish controls.
- Represent security in institutional customer conversations and due diligence.
AWS