Competencies
Application, cloud, network and physical security; TOGAF and SABSA; MITRE ATT&CK, penetration testing, threat intelligence, packet analysis, forensics and threat hunting; WAF, IPS/IDS, firewalls, proxies, DLP, gateways, IAM, SIEMs and encryption; privacy, HIPAA, PCI DSS, ISO 27000, NIST, NERC, FedRAMP and COBIT; SCADA and IoT security; AWS, Azure, and GCP DevOps and DevSecOps; working knowledge of HTML, CSS, JavaScript, React, Angular, .NET Core, Python, Java, C#, C++, Node, Express, Swift, Bash, PowerShell, Docker, Kubernetes, OpenShift, Git, GitLab, GitHub, Bitbucket, Jenkins, CircleCI, Terraform and Ansible; GRC, internal audit, statistics, data analysis, machine learning, project management, Jira, ServiceNow, ClickUp, Confluence, Slack, Teams, Zoom and Google Meet
Previous and current employment
Senior DevSecOps Engineer (HireVergence) 6/2021 – 7/2022
Lending Club – Designed and implemented crucial elements of the DevSecOps pipeline. Implemented model-based shift-left procedures. Designed, installed, and tested an Active Directory security evaluation solution in AWS based on the BloodHound tool and a Neo4j database. Automated the deployment with Terraform and the tests with a Bash script. Performed application architecture security assessment, SAST, DAST and penetration testing of several corporate banking applications. Reviewed and improved security policies and standards for the BYOD strategy.
Evaluated the security of data analysis solutions such as Databricks and Snowflake.
Highmark Health – Recommended and implemented optimal security approaches, methods, and tools to secure enterprise business applications. Secured infrastructure and applications running on OpenShift platforms and GitLab CI/CD. Improved security-related phases of the cycle. Maintained, analyzed, and interpreted a threat intel database along with the best remediations. Ensured continuous security and quality of software development through education and workshops. Implemented the latest DevSecOps tools and processes for static, dynamic, container security and software composition analysis. Set up and fine-tuned vulnerability scans as well as the remediation procedures.
Equifax – Integrated the WhiteHat Sentinel DAST platform into the CI/CD pipeline on CircleCI. Migrated critical security solutions to Google Cloud, including FireEye, Tanium, Cisco ASA, Palo Alto firewalls, Aruba AirWave, BlueCoat proxies, McAfee ePO, BigID and Ping ID SSO. Created operations documentation and runbooks. Prioritized and onboarded information sources in Splunk. Performed synthetic testing of numerous Splunk indices. Set up an intermediary syslog collector server. Coordinated integration of Splunk capabilities into the SOC’s runbooks and escalation procedures. Updated FireEye HX agents on thousands of corporate servers around the world with Tanium. Enhanced the change management process. Created health and performance alerts and dashboards in Datadog at the network and application levels. Led a project to onboard critical system credentials to CyberArk vaults. Automated detection of user entitlement approvals in SailPoint.
Senior DevSecOps Engineer at Finix (Contract) 5/2020 – 5/2021
Established and ran a full SDLC application security program and DevSecOps practice, including the assessment of requirements, architecture evaluation, SAST, IAST and pentesting of Java/React/PostgreSQL applications and APIs. Trained analysts and documented reporting and remediation procedures and escalation steps. Conducted a vendor selection and implemented security solutions in a CircleCI, GitHub and AWS setting. Designed and implemented an information protection program for data at rest, in transit and in processing, including sensitive data discovery, classification, source correlation, Postgres database configuration, credentials/certificates management and encryption. Planned and implemented an incident response and business recovery program. Designed incident response procedures, implemented alerting and forensics solutions, and created and assigned roles. Conducted tabletop exercises and field tests to meet proper response and recovery objectives (RTO and RPO). Built proactive threat detection and a SIEM-centered security operations center. Established the change management program, including the solution (ServiceNow), roles, and monitoring of unauthorized changes and authority abuse. Planned, purchased and implemented Splunk SIEM across the business, replacing Scalyr and AlienVault; integrated data collection from various systems on AWS, applied parsers and built a series of security searches and dashboards. Handed off the solution to the administrators and created knowledge-transfer wiki pages on Confluence.
Senior DevSecOps Engineer at Oportun (Contract) 6/2019 – 6/2020
Installed and configured tools and perfor