- Secure the entire infrastructure stack from GKE configurations to high-level application logic.
- Build internal tooling and CI/CD automations to identify vulnerabilities before production deployment.
- Lead threat modeling sessions and perform secure code reviews to ensure secure-by-default architecture.
- Harden authentication and access control across all internal and external surfaces.
- Launch and manage the company Bug Bounty Program, including triaging reports and driving remediation.
- Conduct incident response, orchestrate pen testing, and facilitate blameless postmortems.
GCP, Kubernetes, CI/CD