Senior Product Security Engineer | Security Platform Builder | DevSecOps
Building security platforms, AI-assisted security operations, secure software delivery processes, and security governance frameworks for enterprise products.
- 7+ Years in Cybersecurity, Product Security, and DevSecOps
- Secure SDLC and Vulnerability Management Program Ownership
- Product Security Engineering for DNS, DHCP, IPAM, ADC, Discovery, and Portal Platforms
- Security Platform Development and Automation
- Security Governance and Compliance Programs
- Customer Security Assurance and Security Assessments
- Application Security, Threat Modeling, and Detection Engineering
Experience building and operating security capabilities across:
- Secure SDLC Programs
- Product Security
- Vulnerability Management
- Security Governance
- Customer Security Assurance
- Security Advisory Management
- Threat Modeling
- Security Platform Engineering
- AI-Assisted Security Operations
Focused on enabling engineering teams to ship securely while improving visibility, automation, governance, and risk management across the software development lifecycle.
Centralized Security Operations, Governance, Risk, Compliance, and Executive Reporting Platform providing visibility into security posture, risk exposure, compliance readiness, customer security assurance activities, and security program health.
AI-Assisted Vulnerability Intelligence and Security Operations Platform supporting vulnerability intelligence collection, risk classification, security analytics, advisory workflows, governance reporting, and executive visibility.
DevSecOps Security Platform integrating security scanning, release gates, vulnerability validation, remediation workflows, and security policy enforcement across CI/CD pipelines.
Detection Engineering and MITRE ATT&CK Coverage Platform enabling ATT&CK coverage analysis, detection mapping, threat hunting support, monitoring gap identification, and security operations reporting.
Product Security Platform focused on DNS, DHCP, and IPAM security assessments, detection engineering, threat hunting methodologies, attack simulations, and security validation.
Infrastructure Security Platform delivering infrastructure provisioning, security baseline enforcement, hardening automation, environment validation, and operational readiness workflows.
Security Governance Platform providing Secure SDLC frameworks, vulnerability management lifecycles, threat modeling methodologies, security advisory workflows, governance models, and security program operating procedures.
Building AI-assisted workflows for:
- Vulnerability Intelligence
- Security Triage
- Evidence Correlation
- Risk Classification
- Security Advisory Generation
- Governance Reporting
- Security Analytics
All security decisions remain human-reviewed and human-approved.
- Product Security
- Vulnerability Management
- Secure SDLC
- Application Security
- Threat Modeling
- Security Architecture
- Detection Engineering
- Threat Hunting
- Jenkins
- GitHub
- GitLab
- Semgrep
- Snyk
- Trivy
- OWASP Dependency Check
- GitLeaks
- SonarQube
- Python
- Flask
- PostgreSQL
- Linux
- Docker
- REST APIs
- SQL
Experience supporting and operationalizing:
- ISO 27001
- NIST CSF
- CIS Controls
- SOC 2 Security Principles
- Security Metrics and Reporting
- Risk Management Processes
- AI-Assisted Security Operations
- Security Platform Engineering
- Product Security Engineering
- Vulnerability Intelligence Platforms
- Security Governance Automation
- Secure SDLC at Scale
- Security Data Platforms
- Certified Ethical Hacker (CEH)