- Triage and Acceptance of incoming security issues.
- Creation and maintenance of mechanisms for the secure intake of vulnerability issues, including any security reporting email lists for O3DE.
- Management of GitHub security advisories for the O3DE repos.
- Management of any security disclosure mechanisms including email lists.
- Assists in the selection or development of tooling and automation for security issue identification.
- Runs security campaigns to resolve identified security issues, including deprecation of software components.
- Provide SPDX (Software Package Data Exchange) scanning tools to detect violations.