AppSec Engineer

Profile Summary

This Senior AppSec Engineer architects and implements robust security controls directly into the software development lifecycle, ensuring applications are secure by design. They are adept at identifying vulnerabilities early and building automated solutions that scale across large enterprise environments. Their mission is to fortify critical systems and empower development teams to deliver secure products efficiently.

Problems Solved

• Reduced critical application vulnerabilities by 45% within 12 months at a major Australian bank (e.g., CBA) by integrating DAST/SAST tools and providing targeted developer training.
• Engineered and deployed a custom static analysis pipeline for a cloud-native platform, identifying over 200 high-risk security flaws before production release and reducing manual review effort by 30%.
• Developed an automated vulnerability remediation tracking system that decreased average fix time for high-severity findings by 25% across 15+ development teams.

What They Build

They build secure software development lifecycles (SSDLCs), integrating security tooling and processes from design to deployment. Their focus is on creating scalable, automated security solutions that empower developers to write secure code and minimize security debt.

What Would Make Them Move

Want a senior AppSec engineer role focused on API security and microservices. Looking for a company with a complex distributed architecture where security is genuinely hard. Not interested in compliance-driven orgs — want engineering-driven security.

Mission & Values

Application security is where the rubber meets the road. I have seen what happens when security is an afterthought, and I am driven to make sure it is never an afterthought again.

Growth Areas