Security Engineer

Implemented organization-wide security practices and tooling including Trivy, Trufflehog, and GitHub security features. Researched exploits using EPSS framework and conducted penetration tests on feature releases. Built centralized vulnerability management solution and enforced least privilege access controls. Led SOC2 and ISO27001 compliance efforts, managed GitHub organization migration, and enhanced deployment security with ArgoCD. Triaged bug bounty reports and conducted security awareness training.