Principal Security Architect
• Worked directly under CISO and provided weekly update on application security progress/concern to Global Information Security team• Conducted Security code reviews and worked one-on-one with dev teams on remediation.• Reviewed security requirements, security designs, and architecture for distributed system• Secured web applications via code review sessions, SAST, DAST and Pen testing• Developed in-house application for metrics tools that displays real-time vulnerabilities (graphically) discovered from security tools that are integrated with the CI/CD pipeline• Conducted training sessions with dev teams on secure design/coding.• Manually Threat Modelled legacy applications as well as led the effort to automate Threat modelling process