- Capabilities
- 5
- Tools & platforms
- 5
- Discipline
- Security
Integrate security validation directly into CI/CD pipelines so that risks are caught before code reaches production — without slowing engineering teams down.
- CI/CD security gating (SAST, DAST, SCA)
- Container image scanning and runtime protection
- Kubernetes workload hardening
- Security automation in Python and Bash
- Secrets management and policy as code
The stack behind the work.
The tools I reach for day to day — with a rough sense of where my depth sits.
GitHub Actions
ExpertCI/CD security automation
Docker
AdvancedContainer builds & image hardening
Kubernetes
AdvancedWorkload isolation & runtime security
Jenkins
AdvancedPipeline gating (SAST/DAST/SCA)
Trivy
AdvancedImage & IaC vulnerability scanning
Projects that put this to work.
Enterprise AppSec Migration
Driving tiered application onboarding into a unified AppSec program with automated CI/CD gating.
IAM Least-Privilege Redesign
Role redesign and policy enforcement program reducing over-privileged access across cloud accounts.
CI/CD Security Automation
Embedded SAST, DAST and SCA gates into shared CI/CD pipelines for automated pre-deployment validation.
Application Security
Embedding secure-by-design into the SDLC.
Cloud Security
Hardening cloud-native estates at enterprise scale.
API & Identity Security
Securing the perimeter of distributed systems.
Technical Program Management
Turning security strategy into delivered outcomes.