Design security models that support multi-tenant platforms, diverse user groups and automated system behaviors
Create a clear, scalable identity and access strategy across users, services, workflows and agents
Define policy-based controls for environments, services, data-access layers and workflow execution
Shape data protection standards covering classification, retention, minimization, lineage and usage transparency
Establish runtime controls for safe automation including guardrails, permissible actions, validation steps and human-in-the-loop points
Guide the adoption of secure delivery patterns in engineering and CloudOps including build, deploy and operate practices
Design monitoring and audit structures that make system behavior observable and explainable
Evaluate emerging risks related to automation, agent delegation, external integrations and cross-tenant data flows
What you will work with
Identity and access frameworks such as role, attribute and policy-based access models
Policy engines and validation layers used across infrastructure, APIs, workflows and data surfaces
Runtime controls for distributed systems including API-level permissions, workflow constraints, rate-limiting and isolation patterns
Data governance concepts including classification, encryption, access boundaries and consent-driven use
Observability and audit systems that track behavior across humans, services and automated agents
Security models for advanced automation including safe action sets, agent trust boundaries and control checkpoints
Lightweight design documentation, threat modelling and architecture standards
Requirements
Strong background in cloud-native security concepts and architectures
Experience with identity, access, policy and data protection in multi-tenant or distributed platforms
Ability to translate security needs into practical, widely adoptable patterns and design systems that support both high operational velocity and strong security posture
Clear communication across technical and non-technical teams
Comfortable designing for evolving requirements and new technical patterns
Capable of transforming complex security concepts into practical designs that teams can adopt
