Senior Product Security Engineer

Partnered with 8+ product teams to embed secure-by-design requirements throughout the SDLC and drive a risk-based vulnerability management program across cloud and on-prem estates.

• Integrated Snyk, Tenable, Orca, and Armis with CI/CD pipelines
• Reduced critical vulnerability backlog by 60% in two quarters
• Implemented policy-as-code guardrails cutting review time from days to under 30 minutes
• Hardened multi-cloud environments (AWS & GCP) using Terraform and CIS benchmarks

Designed and built a RAG-powered Slack bot that automates compliance evidence collection, intelligent report generation, and real-time security alerting.

• Built RAG pipeline for intelligent compliance querying and report generation
• Developed interactive Slack bot with LLM-powered natural language interface
• Integrated with Asana for automated remediation task tracking
• Leveraged AWS Athena to analyze CloudTrail logs and surface anomalies
• Reduced manual compliance effort by 75%

Led enterprise-wide security tooling deployment for a medical IoT platform, enabling secure development practices at scale.

• Led SonarQube Enterprise rollout with Terraform HA cluster and CI/CD integration
• Deployed Burp Suite Enterprise with pipeline hooks and DAST triage training
• Enabled 120+ engineers through developer security training sessions
• Achieved 85% DAST scan coverage across 30 repositories

Enhanced security automation for a cloud-native software-defined networking platform delivering managed services to enterprise customers.

• Integrated Black Duck for container and application SCA
• Developed security tools for CI/CD pipeline integration
• Established automated security testing frameworks
• Improved release compliance from 40% to 90%