# Jiaqi (Johnny) Chen

> DevSecOps, SOC, PCI expert, CISSP

Location: New York, New York, United States
Profile: https://flows.cv/jiaqijohnnychen

DevSecOps engineer/InfoSec manager with extensive experience working in SaaS, payment, and startups. Skilled in building and maintaining InfoSec program and cloud infrastructure. CISSP leading both PCI and SOC 2 Type II audits and day-to-day InfoSec, IT, and GRC operations. Enthusiastic about security, compliance, automation, communication, and optimization.

## Work Experience
### SecOps Engineer IV @ Finix
Jan 2025 – Present
• Lead information security and compliance functions

### SecOps Engineer III @ Finix
Jan 2023 – Jan 2025 | San Francisco, California, United States
• Handle all aspects of security and compliance for an acquirer processor, from high level program and framework design to low level implementation, and anything in between to ensure business operation and continuous expansion
• Tackle resource constraint by building effective and scalable solutions
• Care about communication, teamwork, leadership, and mentoring

### SecOps Engineer @ Finix
Jan 2021 – Jan 2023 | San Francisco, California, United States
Had DevOps, AppSec, and GRC responsibilities:
• Led end-to-end PCI and SOC 2 audits
• Set up end-to-end GRC tool to automate audits and improve organization maturity
• Performed security reviews for new services and features, conducted gap analysis based on changes, and defined and implemented new security controls
• Implemented static analysis tools and integrated into CI/CD
• Created penetration testing suite for API and dashboard using Burp Suite and Postman
• Patched vulnerabilities in code and infrastructure
• Developed RBAC for AWS EKS

### DevOps Engineer @ Othot
Jan 2017 – Jan 2021 | Greater Pittsburgh Area
DevOps:
• Led daily administration, on-call engineering support, and system hardening of containerized and highly scalable SaaS product deployed in GCP
• Implemented proactive monitoring system to ensure system availability of 99.9%
• Expanded and managed CI/CD pipelines in Jenkins with testing in Selenium C#
• Leveraged Terraform and Ansible to manage GCP resources
• Optimized cloud resource spending to cut annual operation cost by more than 40%

InfoSec:
• Instituted many firsts in InfoSec guidelines, policies, and procedure, including Business Continuity Plan and Disaster Recovery Plan as CISSP
• Spearheaded the first and every subsequent SOC 2 Type 2 audit
• Coordinated penetration testing and mitigation process
• Introduced cloud cybersecurity services for email, data, and web (Mimecast) to organization, and automated InfoSec Training delivery procedure

### Data Curator Intern @ Othot
Jan 2016 – Jan 2016 | Pittsburgh, Pennsylvania, United States
• Designed and implemented solution to pull in US Census data to be used in Machine Learning pipeline
• Collaborated with development and data science team to test and integrate the solution
• Optimized solution based on production feedback


## Education
### Bachelor of Science - BS in Economics and Statistics
Carnegie Mellon University

### Pudong Foreign Languages School, SISU


## Contact & Social
- LinkedIn: https://linkedin.com/in/jiaqi-johnny-chen

---
Source: https://flows.cv/jiaqijohnnychen
JSON Resume: https://flows.cv/jiaqijohnnychen/resume.json
Last updated: 2026-04-05