Himalayas logo
TG
Open to opportunities

Tracy Gauger

@tracygauger

Senior application security engineer driving secure development and remediation.

United States
Message

What I'm looking for

I seek a senior AppSec role where I can lead remediation efforts, integrate security into CI/CD, mentor teams, and communicate risk to stakeholders while supporting business goals.

I am a passionate and dedicated application security professional who excels at collaborating across teams to secure applications while supporting business objectives. I bring hands-on experience with SAST, DAST, SCA tools and manual penetration testing.

At Albertsons Safeway I onboarded almost 1,000 repositories into Veracode in just over a year, integrated Veracode with CI/CD to block high-severity vulnerabilities, and created AppSec dashboards and reports for stakeholders. I also drove prioritized third-party vulnerability remediation using risk metrics like EPSS and KEV.

I have built application security programs for clients, performed assessments, analyzed automated tool findings to reduce false positives, and integrated security tooling into Azure DevOps and Jira. In prior roles I configured WAFs, coordinated pentest engagements, verified remediations, and performed security testing using tools like Burp Suite, AppScan, Nmap, sqlmap and Metasploit.

I hold GWAPT and CISSP certifications and a CCSK certificate, and I enjoy mentoring junior security staff, educating developers and DevOps engineers, and communicating technical risk to executive stakeholders.

Experience

Work history, roles, and key accomplishments

AS
Current

Senior Application Security Engineer

Albertsons Safeway

Aug 2022 - Present (3 years 2 months)

Onboarded nearly 1,000 repositories into Veracode in just over a year, integrated Veracode into CI/CD to block high-severity vulnerabilities, and drove third-party vulnerability remediation prioritized by risk metrics such as EPSS and KEV.

GS

Application Security Engineer

GuidePoint Security

Oct 2021 - Jul 2022 (9 months)

Built application security programs for clients, performed SAST/DAST/SCA and manual penetration testing, and integrated AppSec tooling into Azure DevOps and Jira while producing evidence-based remediation reports.

BT

Application Security Engineer

Bottomline Technologies

Feb 2021 - Oct 2021 (8 months)

Coordinated with development teams to manage AppSec expectations and audit evidence, analyzed SAST/DAST results to eliminate false positives, performed manual penetration testing, and managed third-party pentest engagements.

MB

Application Security Engineer

Minnesota Judicial Branch

Nov 2019 - Jan 2021 (1 year 2 months)

Onboarded F5 Silverline WAF and coordinated cross-functional launches, performed security assessments for web applications, verified remediations from third-party pentests, and supported phishing training rollout.

BB

Information Security Risk Analyst

Bremer Bank

Mar 2017 - Jul 2018 (1 year 4 months)

Ran Tenable compliance scans and tailored audit files to harden OS, managed IAM attestations and application password compliance, and led phishing awareness and annual training achieving 100% compliance for two years.

VE

Software Test Engineer

Veritas

May 2002 - Apr 2011 (8 years 11 months)

Worked in Agile across the SDLC performing feature and regression testing, wrote test automation, participated in static code reviews, and acted as engineering liaison for partner programs.

Education

Degrees, certifications, and relevant coursework

University of Minnesota logoUM

University of Minnesota

Bachelor of Science, Computer Science

Completed a Bachelor of Science in Computer Science at the University of Minnesota, Institute of Technology.

University of Minnesota logoUM

University of Minnesota

Bachelor of Arts, Psychology

Completed a Bachelor of Arts in Psychology at the University of Minnesota, College of Liberal Arts.

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Tracy Gauger - Senior Application Security Engineer - Albertsons Safeway | Himalayas