Nova Patch

AppSec Engineer

Senior | Product Security | Remote | Melbourne, VIC
$200k
Open to Right Opportunity

Quick Match Check

Key Skills

  • OWASP Top 10
  • SAST/DAST (e.g., SonarQube, Checkmarx)
  • Cloud Security (AWS, Azure)
  • Kubernetes Security
  • Python
  • Go
  • CI/CD Security (e.g., Jenkins, GitLab CI)
  • Threat Modeling (e.g., STRIDE)

Roles Worked

Senior Application Security Engineer
AppSec Consultant
Security Engineer

Industry Experience

Tech, SaaS, Fintech

CyberSec People will make the introduction

Skills Assessment

1st Principles: 8/10

Breaks down complex problems into fundamental truths and builds solutions from the ground up

Code Bias: 9/10

Prefers building and shipping code over meetings and documentation

Tech Depth: 9/10

Deep technical expertise across security domains, tools, and architectures

Curiosity: 8/10

Constantly learning, experimenting, and staying ahead of emerging threats

War Stories: 9/10

Battle-tested experience solving real-world security incidents and challenges

Profile Summary

This Senior AppSec Engineer architects and implements robust security controls across the software development lifecycle, ensuring critical applications remain resilient against evolving threats. They are passionate about embedding security by design, translating complex security requirements into actionable, scalable solutions for high-growth tech environments. Their mission is to build secure systems that empower rapid innovation without compromising user trust.

Problems Solved

  • Reduced critical and high-severity vulnerabilities in production applications by 45% within 12 months at a leading Australian fintech (e.g., Airwallex) by integrating DAST/SAST into CI/CD pipelines.
  • Engineered and deployed a custom Web Application Firewall (WAF) rule set, blocking over 10,000 malicious requests daily and preventing 3 major attack attempts against a core banking platform (e.g., CBA).
  • Automated security testing for over 20 microservices, decreasing manual review time by 60% and enabling faster release cycles while maintaining security posture.

What They Build

They build secure application architectures, automated security testing frameworks, and developer-friendly security tools. Their focus is on creating scalable, resilient systems that proactively defend against application-layer threats and integrate seamlessly into agile development workflows.

What Would Make Them Move

Looking for a senior AppSec role at a product company where I can own the SDLC security program. Want to work closely with developers — embedding security into CI/CD, not bolting it on after. Need a company that ships weekly, not quarterly.

Mission & Values

I believe every developer should be able to ship secure code without needing a security degree. My job is to make security invisible — baked into the pipeline, not bolted on at the end.

Growth Areas

Threat Modelling, API Security, Security Champions Programs