Sr. Application Security Engineer
Under Armour
Sep. 2023 - Present
Focused on bringing practical security controls closer to software delivery without losing engineering velocity.
- Delivered a custom Python CLI tool leveraging Prisma twistcli, enabling engineering teams to reduce container image vulnerabilities by 70% via automated scanning and prioritized remediation
- Built custom Jira integrations to deliver targeted vulnerability reports to prioritized engineering teams
- Coordinated vulnerability patching efforts from SAST and DAST tools to over 100 developers
- Deployed an automated vulnerability management pipeline using AWS, Python, and Bash, aggregating and normalizing results across 10 AppSec tools
- Designed and implemented a proprietary vulnerability scoring framework leveraging Snowflake and Tableau to prioritize over 100,000 findings across enterprise applications for business leadership
- Validated findings from external researchers via Bugcrowd, ensuring quality and business impact prior to escalation
AppSecSecure SDLCDevSecOpsCI/CD
Application Security Engineer
Sectigo
Jan. 2022 — June 2023
Built internal solutions in Python while working through real operational security constraints.
- Spearheaded AppSec initiatives by centralizing 750+ repositories into GitHub Enterprise and onboarding 12 key product lines into the core SCA platform
- Authored and championed a comprehensive Secure SDLC policy, aligning executive stakeholders to standardize AppSec practices org-wide, across 100 developers
- Built end-to-end custom telemetry systems using Python, PostgreSQL, Grafana, and Jira integrations to measure, visualize, and track AppSec KPIs
- Established foundational governance and security metrics reporting, directly influencing InfoSec planning and audit readiness
PythonAutomation
Application Security Engineer
Farm Credit Bank of Texas
Mar. 2020 - Dec. 2021
Moved across several product and consulting environments, building breadth in legacy systems and modern web stacks.
- Co-designed the organization’s first Application Security program, mapped to the OWASP Top 10, with input from security, DevOps, and engineering leaders
- Developed an enterprise application inventory system (161+ applications) using C#, SQL, Azure DevOps, and Event Sentry, providing asset visibility and ownership tracking
- Authored governance documentation covering Veracode scanning, API security, and vulnerability management workflows
- Managed web application scanning and vulnerability reporting using Barracuda WAS, and coordinated remediation efforts with affiliated banks and internal teams
AppSecC#PowerShellSQL
Software Engineer
PoolCorp
Aug. 2018 - Aug. 2019
Building practical software and publishing writing on engineering, security, and useful tooling.
- Developed RESTful APIs and backend tooling to integrate MS-SQL product data with Elasticsearch, enabling efficient search across a 150,000+ product catalog used by hundreds of internal users
- Engineered scalable internal tools using .NET Core, React, and Redux, and prepared the platform for Docker-based deployments in Microsoft Azure
- Initiated and led bi-weekly internal “share sessions” to demo new tools, promote knowledge sharing, and strengthen team engineering culture
- Contributed to full-stack feature development across legacy systems, including UniBasic ERP, VB.NET/C# web services, and Vue.js front-end applications
C#.NET CoreJavaScriptReactVue.jsElasticMS-SQL
Software Developer
Immense Networks
Sept. 2017 - July 2018
- Developed a WinForms application using C# and advanced asynchronous programming techniques to process and visualize crane arm strain sensor data
- Maintained multiple JavaScript and C# codebases, contributing to both frontend and backend application improvements
- Maintained and enhanced PowerShell scripts managing over 500 client workstations, ensuring access controls, script hardening, and system reliability in production environments
C#WinFormsPowerShellIT
Software Engineer
PHI, Inc. / Helipass
Nov. 2016 - Sept. 2017
- Supported and enhanced a C# MVC web application used to automate passenger check-in workflows at domestic and offshore heliports
- Contributed to full-stack development with C#, SQL, JavaScript, and Knockout.js, ensuring high reliability in safety-critical transport logistics
C#.NETKnockout.jsJavaScriptTypeScriptSQL
Application Developer
Performance Contractors
Oct. 2015 - Nov. 2016
- Built a Windows service for digital invoice conversion, and provided web development support for a pipe material data coordination project
- Managed invoice processing applications built with xCP, Documentum, and Captiva
C#Documentum
Programmer I
Louisiana Farm Bureau Insurance
Feb. 2013 - Oct. 2015
- Built a custom SublimeText plugin with Python and JCL for COBOL development
- Designed and built a responsive design for Farm Bureau’s public website with Bootstrap 3
- Maintained web services in VB.NET and backend services using COBOL & JCL in z/OS environments
VB.NETCSSCOBOLJCLPython