Open to opportunities

JUAN PABLO GUTIERREZ YEPES

@juanpablogutierrezye

Message

Application Security Analyst and cybersecurity specialist, automating DevSecOps security to reduce operational risk.

Colombia

Message

What I'm looking for

I’m looking for an application security / DevSecOps role where I can automate vulnerability management and security controls in cloud environments (AWS/Azure/GCP), collaborate across IT and OT teams, and continuously reduce operational risk.

I’m an Application Security Analyst and Telecommunications Engineer who focuses on integrating security into how teams build, deploy, and operate software. In my current role, I design and implement AI-assisted security workflows and automation pipelines that connect security controls, vulnerability data, and operational signals for better risk prioritization and secure delivery.

I strengthen security across the software development lifecycle by performing enterprise application security assessments and embedding DevSecOps practices into CI/CD pipelines. I also develop automation scripts in Python and JavaScript to optimize vulnerability management, event analysis, and reporting, and I support incident response through log analysis, alerts, and SIEM platforms.

Previously, as a Cybersecurity Specialist and Cybersecurity Lead across IT and OT environments at a manufacturing plant in Colombia, I led regional initiatives that improved secure integrations with internal and external networks. I implemented application and server improvements—system hardening, patch management, and vulnerability remediation—and designed an automation initiative for regional server patching that reduced obsolescence, manual effort, and downtime.

I bring hands-on engineering experience from my research and technical roles, including containerized deployments with Docker and Kubernetes and cybersecurity integration work for applied projects. I also keep building through personal technical documentation and projects around DevSecOps, infrastructure, security, and automation—so my approach stays practical, repeatable, and focused on reducing real operational risk.

Experience

Work history, roles, and key accomplishments

Current

Application Security Analyst

Current

IBM

Apr 2025 - Present (1 year)

Designed and implemented AI-assisted security workflows and automation pipelines integrating security controls, vulnerability data, and operational signals to improve risk prioritization and secure delivery efficiency. Performed application security assessments, embedded security into CI/CD DevSecOps pipelines, and supported incident response using SIEM log analysis across AWS/Azure/GCP environmen

Application Security DevSecOps CI CD Vulnerability Management Security Automation Incident Response

Cybersecurity Lead

Procter & Gamble

Aug 2023 - Apr 2025 (1 year 8 months)

Led cybersecurity initiatives across IT and OT environments in a manufacturing plant in Colombia, defining secure application and cloud integrations with internal and external networks. Implemented security improvements through system hardening, patch management, vulnerability remediation, and a regional automation initiative for server patching to reduce obsolescence, manual effort, and downtime.

System Hardening Patch Management Cloud Security Security Automation Technical Training

Python Researcher Developer

Tolu Research and Development Laboratory (ID-TOLÚ)

Nov 2022 - Jan 2023 (2 months)

Developed Python and Java solutions for applied research projects, including containerized deployments using Docker and Kubernetes. Supported cybersecurity system integration, implemented and tested networks with OpenAirInterface and Magma, and evaluated Quality of Experience (QoE) in a 5G broadcast pilot.

Python Java Docker Kubernetes Network Testing QoE Evaluation

Technical Support Specialist

1 Centro de alta Tecnología S.A.S

Jul 2022 - Jan 2023 (6 months)

Provided technical support for an Internet Service Provider serving rural areas by diagnosing and resolving incidents to ensure service quality. Designed secure technology solutions, implemented IoT systems for census and data collection, configured secure connections and access controls, and monitored security threats in operational environments.

Network Troubleshooting Access Control IoT Security Monitoring Secure Connectivity

Network Monitoring Assistant

University of Quindío

Feb 2022 - Jun 2022 (4 months)

Monitored and administered network resources, configuring and operating routers, switches, and firewalls. Implemented Access Control Lists (ACLs) and basic network security measures to improve access control and network protection.

Network Monitoring Switch Configuration Firewall Administration Access Control List (ACL)Network Security

Solar Irradiation Researcher

Electrae Group

Aug 2021 - Jun 2022 (10 months)

Conducted research on solar irradiation and its impact on renewable energy generation by collecting and analyzing geospatial data in real-world environments. Developed Python (Pandas) solutions to create solar irradiation maps and identify high-potential energy zones.

Solar Irradiation Research Geospatial analysis Python Pandas Data Analysis Mapping

Education

Degrees, certifications, and relevant coursework

University of Quindío

Electronic Engineer, Electronic Engineering

2018 - 2023

Electronic Engineering studies with emphasis on telecommunications and systems, including networking, IoT, application orchestration, and infrastructure design. Thesis focused on researching and validating a 5G Broadcast implementation as an early warning and disaster prevention mechanism in Latin American contexts.