Sr. Manager Of Product Security
Current- Founded the Product Security team with the mission of reducing the risk associated with OA softwareand partnering with engineering teams around the world to increase our overall security posture.- Overhauled security program ensuring Developer Experience, Infrastructure, and Security initiativesare coordinated and executed resulting in the rollout of a DevSecOps strategy and a paved path forengineering teams.- Drove vision and aligned team on quarterly and yearly program roadmaps focusing on increasingsecurity posture and maturing our security organization as a whole.- Spearheaded Log4J Incident Response educating engineers and leadership across the org on thevulnerability, remediation and OSS libraries cutting our resolution time from weeks to days and setting anexample for other Oracle lines of business.- Achieved 100% automated scanner coverage of all apps guaranteeing they are continually scanned forSAST, SCA and Secret vulnerabilities covering 4000+ repositories quantifying our security risk so we canmeasure improvements.- Designed and launched code security guardrails program to global engineering teams making surethat new SAST, SCA or Secret vulns were captured at the merge request and kept out of production- Managed the design and verified implementation of secure solutions for OA’s version of bug bountyprogram and other findings from our dynamic security tests- Championed security to Oracle Sr. Leadership through the M&A program closing out stubborn securityfindings that had been affecting our LoB for years. Presented solutions and future roadmap to Oracle Sr.leadership resulting in minimal direct supervision moving forward