• Partnered with development teams to integrate Snyk SAST into CircleCI pipelines with a fail-fast policy, enabling consistent early-stage blocking of critical vulnerabilities; drove a 30% reduction in exploitable issues in production releases.

• Influenced DevSecOps practices by building automated Bash and PowerShell monitoring tools to validate NLP model artifacts across CI/CD, staging, and production layers; mitigated production data leakage risk by enforcing artifact consistency.

• Automated secure token lifecycle for Google Secret Manager using resilient Golang, Python, and Shell scripting services, eliminating manual handling and improving auditability of sensitive credentials across cloud services.

• Conducted application code reviews and worked closely with engineering teams to embed secure coding practices, improving AppSec awareness and reducing repeated security findings.

• Designed and deployed a real-time threat detection pipeline on GCP, combining BigQuery-based log analysis with custom ETL to automate weekly IOC reporting; directly supported SOC team threat investigations and response.

• Evaluated and adopted Snyk (SAST) and Invicti (DAST) in CI/CD pipelines, introduced fail-fast security gates, and reduced build-stage vulnerabilities.

• Developed a Python-based automation tool to integrate Snyk and Jira APIs, streamlining vulnerability management workflows; cut manual ticketing effort by 90% and improved time-to-remediation tracking.

• Collaborated with infrastructure and Development teams to implement secure SDLC practices across core AI product stack.

Worked as Forgerock IAM Developer