Passionate and seasoned DevSecOps engineer, hands-on with Java EE, Spring, Django, OAuth 2.0/OIDC, SAML, OWASP top 10, SANS top 25, SAST, DAST and AWS, Google/GCP cloud technologies. Hands-on with Kubernetes, Linux and relevant hardening techniquest: CIS, NIST / FedRAMP, FIPS. Hands-on security researcher and pentester. Able to pentest iOS, MacOS, Windows, Android, Web applications. Experienced with OAuth 2.0, OIDC, SAML pentesting and security best practices. Familiar with Burp Pro, Burp EE, Drozer, OWASP Zap, Postman, Metasploit, Kali Linux, tcpdump, Wireshark, SecurityOnion. Familiar with Puppet, Ansible, Terraform. GitOps / DevOps / DevSecOps practitioner.
©