Loading...
Loading...
Himalayas
About usHimalayas PlusCommunityTech stackEmployee benefitsTerms and conditionsPrivacy policyContact usFor job seekers
Create your profileBrowse remote jobsDiscover remote companiesJob description keyword finderRemote work adviceCareer guidesJob application trackerAI resume builderResume examples and templatesAI cover letter generatorCover letter examplesAI headshot generatorAI interview prepInterview questions and answersAI interview answer generatorAI career coachFree resume builderResume summary generatorResume bullet points generatorResume skills section generator© 2025 Himalayas. All rights reserved. Built with Untitled UI. Logos provided by Logo.dev. Voice powered by Elevenlabs Grants
Join the remote work revolution
Join over 100,000 job seekers who get tailored alerts and access to top recruiters.
@tracygauger
Senior application security engineer driving secure development and remediation.
United StatesI am a passionate and dedicated application security professional who excels at collaborating across teams to secure applications while supporting business objectives. I bring hands-on experience with SAST, DAST, SCA tools and manual penetration testing.
At Albertsons Safeway I onboarded almost 1,000 repositories into Veracode in just over a year, integrated Veracode with CI/CD to block high-severity vulnerabilities, and created AppSec dashboards and reports for stakeholders. I also drove prioritized third-party vulnerability remediation using risk metrics like EPSS and KEV.
I have built application security programs for clients, performed assessments, analyzed automated tool findings to reduce false positives, and integrated security tooling into Azure DevOps and Jira. In prior roles I configured WAFs, coordinated pentest engagements, verified remediations, and performed security testing using tools like Burp Suite, AppScan, Nmap, sqlmap and Metasploit.
I hold GWAPT and CISSP certifications and a CCSK certificate, and I enjoy mentoring junior security staff, educating developers and DevOps engineers, and communicating technical risk to executive stakeholders.
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!
Work history, roles, and key accomplishments
Albertsons Safeway
Aug 2022 - Present (3 years 3 months)
Onboarded nearly 1,000 repositories into Veracode in just over a year, integrated Veracode into CI/CD to block high-severity vulnerabilities, and drove third-party vulnerability remediation prioritized by risk metrics such as EPSS and KEV.
GuidePoint Security
Oct 2021 - Jul 2022 (9 months)
Built application security programs for clients, performed SAST/DAST/SCA and manual penetration testing, and integrated AppSec tooling into Azure DevOps and Jira while producing evidence-based remediation reports.
Bottomline Technologies
Feb 2021 - Oct 2021 (8 months)
Coordinated with development teams to manage AppSec expectations and audit evidence, analyzed SAST/DAST results to eliminate false positives, performed manual penetration testing, and managed third-party pentest engagements.
Minnesota Judicial Branch
Nov 2019 - Jan 2021 (1 year 2 months)
Onboarded F5 Silverline WAF and coordinated cross-functional launches, performed security assessments for web applications, verified remediations from third-party pentests, and supported phishing training rollout.
MNIT
Jul 2018 - Nov 2019 (1 year 4 months)
Performed security testing and exploit demonstrations on proprietary web applications, produced remediation reports, and presented security awareness at new employee orientations.
Bremer Bank
Mar 2017 - Jul 2018 (1 year 4 months)
Ran Tenable compliance scans and tailored audit files to harden OS, managed IAM attestations and application password compliance, and led phishing awareness and annual training achieving 100% compliance for two years.
Veritas
May 2002 - Apr 2011 (8 years 11 months)
Worked in Agile across the SDLC performing feature and regression testing, wrote test automation, participated in static code reviews, and acted as engineering liaison for partner programs.
Degrees, certifications, and relevant coursework
UMBachelor of Science, Computer Science
Completed a Bachelor of Science in Computer Science at the University of Minnesota, Institute of Technology.
UMBachelor of Arts, Psychology
Completed a Bachelor of Arts in Psychology at the University of Minnesota, College of Liberal Arts.
Software and tools used professionally
United StatesYou can contact Tracy and 90k+ other talented remote workers on Himalayas.
Message TracyBamidele Olanlesi
Lead Application Security Engineer III, Signify Health
SASharma Achutani
Sr Application Security Engineer, WellsFargo
Jamie Chang
Application Security Developer, Avanade Inc.
Eguono Obrik-Uloho
Application Security Engineer, Blackduck
DRDave Ruiz
Senior Cloud Security Engineer, Altium
Tayo Ojo
Senior Application Security Engineer, Glassdoor
Richa Aryal
Application Security Intern, Inovalon
Ernest Stuart
Application Security Engineer, Genuine Parts Company
Vijay Kumar Adepu
Cybersecurity Engineer, Augur Talent Care
Likith Sai K User
Application Security Engineer, Humana
