Open to opportunities

Vanye Wadawasina

@vanyewadawasina

Message

CISSP-certified Security Engineer specializing in application security.

Canada

Message

What I'm looking for

I am looking for a role that fosters innovation and collaboration, where I can leverage my skills in application security to drive impactful security initiatives and contribute to a strong security culture.

I am a highly experienced Security Engineer with a strong focus on enhancing the security posture of high-scale, cloud-native applications. As a CISSP-certified professional, I specialize in leading application security initiatives and driving the automation of security controls within CI/CD pipelines. My proven ability to reduce vulnerabilities and build resilient software is achieved through embedding secure development practices and collaborating closely with engineering teams in AWS and Google Cloud environments.

In my current role as a Senior Security Engineer at Roche, I lead security engineering initiatives that have significantly improved application security. By owning the threat modeling process, I have proactively guided defenses for new projects, preventing 65% of potential incidents. Additionally, I have driven the automation of security controls, reducing security risks by 70% through a Python-based vulnerability management workflow. My experience also includes architecting secure AWS configurations and collaborating with stakeholders to enhance threat detection and response capabilities.

Experience

Work history, roles, and key accomplishments

Current

Senior Security Engineer

Current

Roche

May 2023 - Present (2 years 3 months)

Led security engineering initiatives to enhance application security, including owning the threat modeling process to guide proactive defenses for new projects, preventing 65% of potential incidents. Drove the automation of security controls in CI/CD pipelines by engineering a Python-based vulnerability management workflow integrating Tenable (SCA) and SonarQube (SAST), reducing security risks by

Application Security Threat Modeling CI CD Python Tenable SonarQube AWS Kubernetes Terraform

Security Engineer

Cerebral

Aug 2021 - Present (4 years)

Spearheaded the design and implementation of a scalable AppSec program, integrating Snyk (SAST/SCA) into GitHub Actions to slash software vulnerabilities by 80%. Continuously assessed and improved cloud security measures by configuring automated vulnerability management with AWS CNAPP and Terraform, reducing open risks by 75%.

AppSec Snyk GitHub Actions)CNAPP Terraform Cloud Security Vulnerability Management

Cybersecurity Engineer

Molecular You

Sep 2020 - Present (4 years 11 months)

Defined secure SDLC practices and embedded them across the engineering organization to bolster infrastructure and ensure zero security breaches during tenure. Developed and delivered secure coding training based on OWASP standards, increasing staff security awareness scores by 70%.

SDLC Secure Coding OWASP Security Awareness Infrastructure Security

Education

Degrees, certifications, and relevant coursework

New York Institute of Technology

M.S. in Cybersecurity, Cybersecurity

2018 - 2019

Completed a Master of Science in Cybersecurity, achieving distinction. Focused on advanced topics in cybersecurity, preparing for roles in securing complex systems and applications.

Middlesex University

B.Sc. in Information Technology and Business Information Systems, Information Technology and Business Information Systems

2010 - 2013

Earned a Bachelor of Science with First Class Honours in Information Technology and Business Information Systems. Gained comprehensive knowledge in IT and business systems, laying the foundation for a career in technology.