Designed and built a Knowledge-Driven AI Chatbot using Graph Databases.
• Leveraged infrastructure data and Snyk 3PP vulnerability data to create an interconnected graph db of Heroku components
• Integrated the Einstein AI gateway and engineered tailored prompts to interpret and transform a user's plaintext question into db queries and interpreted results
Performing security assessments of new Heroku & MuleSoft features, which consist of:
• Collaborating with engineers to get a full grasp of the engineering work
• Analyzing designs from a security mindset and identifying potential vulnerabilities
• Referencing company security standards and security best practices
• Proposing effective mitigations for vulnerabilities
• Performing a code review & security testing once engineering work is completed
Providing general security guidance to engineers
Monitoring & responding to incoming questions/requests from engineers in a timely manner
Collaborating with other security engineers on projects that promote continuous assurance
Built a security assurance tool to scan a GitHub Organization consisting of thousands of repositories for potentially insecure GitHub Actions
• Aggregated data from GitHub Marketplace and internally trusted vendors & established trust requirements/levels
• Wrote this tool in Python, ran it on Heroku with the Postgres add-on, and incorporated an interactive Slack bot to communicate results and get input from the security team