Enhancing Compliance and Audit Readiness:
Designed and led Enterprise Vulnerability & Compliance Management for over 10,000 assets, achieving 95% coverage at Capital One and Truist.
Built tools for Automated Compliance Assessments against NIST/CIS Controls & Benchmarks, resulting in a 75% audit readiness improvement at Capital One and Truist. This also reduced SOX audit preparation time by 60%.
Automated compliance evidence collection for frameworks like SOX, PCI, and FFIEC using Python and PowerShell workflows.
At Capital One, he operationalized DLP and insider threat monitoring platforms, detecting over 150 data exfiltration attempts annually.
Advancing DevSecOps and Automation:
Integrated security measures and best practices into DevOps lifecycles with automation, which led to 50% fewer deployment issues.
Implemented automated secure coding checks in CI/CD pipelines, reducing release delays by 25% at Capital One.
His work at Truist included embedding CIS Benchmarks and security guardrails into CI/CD pipelines for hundreds of AWS/Azure services and resources.
Proficient in scripting and automation tools like Python, Perl, Regex, PowerShell, and Bash, which contribute to 60% less manual compliance effort.