Security Engineer

Highly effective DevSecOps Engineer with 10+ years of progressive experience, leveraging a deep foundation in IT Operations, Endpoint Security, and Infrastructure as Code (IaC) to drive security automation. Expertise in designing and maintaining CI/CD pipelines using GitHub Actions and AWS CodePipeline/CodeBuild, integrating advanced security tools like CodeQL (SAST) and OWASP ZAP/Burp Suite (DAST), and securing cloud environments (AWS/Azure) with Terraform and policy-as-code. Proven ability to deliver business value and compliance, highlighted by a 35% reduction in HITRUST certification project delays through automated IAM, RBAC, and least privilege enforcement.