Security Analyst II
CurrentLead technical contributor on client-facing security engagements across application, infrastructure, and cloud surfaces.
- Delivered enterprise-grade assessments across web, mobile, API, and thick-client environments aligned with OWASP
- Translated technical findings into business risk for client executives and management
- Managed end-to-end engagements: discovery, scoping, execution, remediation guidance, post-engagement support
- Configured and integrated SAST/DAST tooling within GitHub Actions and GitLab CI pipelines
- Conducted secure code reviews with developer-friendly remediation aligned to Secure SDLC and DevSecOps
- Performed cloud configuration audits across AWS, Azure, and GCP - IAM gaps, misconfigurations, compliance
- Executed red-team and adversary-simulation assessments and presented findings to leadership
- Authored architecture diagrams, threat models, executive reports, and operational runbooks