As an Application Security Engineer I have been engaged with helping large, medium, and small companies protect themselves and their customers from on-line attacks.
I have always been viewed as an engineer who can bridge the gap between technology and business application. Discussing technical subjects with fellow engineers in detail while also reflecting business advantages and dis-advantages clearly to any level of business management. Being an open and friendly encounter, communicating with people helps give me insight into their needs and how I can help them fulfill those needs.
Through the use of SAMM or BSIMM and by developing custom SSDLC for my clients I can help them establish a strategic, integrated approach to application security. I also perform vulnerability discovery through automated tools in combination with a manual review process where online applications are scrutinized to identify probable attack scenarios. Techniques are then recommended through training and mentoring to provide a tactical remediation effort.
To me, knowledge is power but the impression you leave on people in a social environment can set you apart from others.
Specialties Java, J2EE, JSF, Struts, Swing, .NET, C++, C, Oracle, SQL Server