VerizonSecurity Architect IV, Product Security
Sep. 2021 - May. 2024Dallas-Fort Worth MetroplexConducted security reviews to identify and resolve vulnerabilities within 40+ internal products. Met with product owners, analyzed threat model reports, and assessed risks using SIEM tools. Collaborated with stakeholder teams on security design and code reviews. Delivered security guidance on internal encryption methods by NIST standards. Analyzed QRM scores and reviewed cloud and on-premises environments. Used Tenable, Black Duck, CrowdStrike, SAST/DAST scans, Burp Suite, and Splunk. ▪️Volunteered frequently for side projects and initiatives to enhance skillset, including hands-on involvement in pen testing methodologies and collaboration with the pen test team. ▪️Assisted in remediating Apache Log4j vulnerability across 50 products, collaborating with product owners to address issues and mitigate potential risks of remote code execution by bad actors, mitigating risk for 60% of products before layoff. ▪️Reduced quality risk management (QRM) scores for high-risk products by conducting analysis, generating reports, and presenting findings, then worked with affected product owners to reduce risk, bringing 50% of products into green QRM scores.