Application Security Manager (Ngde, Iac, Console)
Seattle, Wa, Us
Led a team of over a dozen high judgement security engineers to threat model and raise the security bar of AWS products and services. This role managed all security of the Next-Gen Developer Experience (NGDE) organization including CodeWhisperer and CodeCatalyst, all AWS Infrastructure-as-Code (IaC) including CloudFormation and Cloud Development Kit (CDK), all Amazon-produced Open Source Software (OSS), AWS DevTools, AWS CodeServices, AWS Console, AWS Mobile, AppSync, Device Farm, Simple Email Service (SES), and Pinpoint. This team created an agile security review process to handle the appetite of our NGDE organization as they continued to utilize Generative AI and Amazon's Large Language Models (LLMs). Collaborated and coordinated application security best practices with AWS VPs and Directors responsible for over 2200 software engineers. This role was also responsible for managing underperformance, training an individual contributor to a manager role, and creating the very first Department of Labor application security apprenticeship program. Our apprenticeship program had an 80% success rate and even garnered attention from the White House.