• Lead secure design reviews, threat modeling, and security-focused code reviews across the product and platform. • Ensure security is ingrained into the SDLC so that the secure path is the easy path for engineers with secure-by-default libraries, patterns, and guardrails. • Own authentication, authorization, API security, and data protection architecture for a multi-tenant SaaS platform. • Architect and maintain security tooling integrated into CI/CD pipelines: static analysis, dependency scanning, secrets detection. • Evaluate and mitigate risks specific to Fieldguide's AI Agents — prompt injection, data leakage through LLM contexts, unauthorized tool use, and unintended agent behaviors. • Partner with Agent and Platform teams to define security boundaries for agent execution: sandboxing, least-privilege tool access, and runtime policy enforcement. • Build and run Fieldguide’s vulnerability management program: scanning, triage, SLA-driven remediation tracking, and engineering coordination. • Ensure visibility into vulnerability posture across application code, dependencies, and infrastructure. • Manage external penetration testing engagements, bug bounty programs, and coordinate remediation of findings. • Partner with infrastructure engineering to review and improve cloud security across our AWS environment: IAM, network architecture, secrets management, and logging. • Establish runbooks, communication protocols, and post-incident review practices in coordination with a 24/7 MDR team. • Collaborate with engineers on incident response processes and playbooks. • Partner with Compliance to ensure technical controls satisfy framework requirements (SOC 2, ISO 27001, ISO 42001, FedRAMP).