Skills
Security Program Leadership: Security Champions Programs • Security Awareness & Training • Developer Enablement • Security Culture Building • Program Measurement & OKRs • Cross-Functional Collaboration
Application & Product Security: Threat Modeling • Secure SDLC Integration • OWASP Top 10 • Secure Coding Practices • Security Design Reviews • SAST/DAST Implementation • Vulnerability Management
Governance, Risk & Compliance: ISO 27001 • SOC 2 Type I/II • NIST CSF • CIS Controls v8 • GDPR • Risk Assessments • Third-Party Risk Management • Audit Leadership • Customer Security Assurance
Technical Capabilities: Python • Shell Scripting • Security Tools (SAST/DAST/SCA) • Cloud Security (AWS/Azure/GCP) • Network Security • Incident Response • CI/CD Security Integration
Tools & Platforms: Vanta • Jira • Git/GitHub • Confluence • Vulnerability Management Tools • Collaboration Platforms
About
CISSP-certified Security Enablement Leader with 15+ years building security-first cultures through Security Champions Programs, developer training, and product-embedded security practices. Proven track record designing and scaling security enablement initiatives that train 6,000+ developers while maintaining compliance with ISO 27001, SOC 2, NIST CSF, and GDPR. Expert in translating complex security requirements into developer-friendly practices that accelerate secure development without slowing innovation. Skilled at bridging security and engineering teams through threat modeling, OWASP education, and hands-on SDLC integration. Combines technical depth (application security, secure coding, cloud security) with program leadership, stakeholder engagement, and metrics-driven continuous improvement.