# Robert C.

> Senior Security Engineer @ Ramp

Location: New York, New York, United States
Profile: https://flows.cv/robertc

Security Engineer. Pursuing my passion for secure systems and software development.

## Work Experience
### Senior Security Engineer @ Ramp
Jan 2025 – Present | New York, NY

### Head of Security @ Bastion
Jan 2024 – Jan 2025 | New York, NY
- Led the security program to achieve compliance with NYDFS Part 500 and SOC 2 while implementing
improvements across applications and infrastructure.
- Developed and executed the security roadmap, optimizing vendor relationships and aligning security
initiatives with business objectives.
- Designed and deployed request signing (JWT authentication) for external APIs, ensuring integrity of
customer requests.
- Built and executed disaster recovery tabletop exercises, authored manual playbooks, and deployed
Incident.io to strengthen incident response.
- Implemented a SIEM solution (RunReveal), integrating native log sources to establish foundational
monitoring and detection capabilities.
- Integrated SAST and DAST tools into the CI/CD pipeline, enabling earlier detection of vulnerabilities in
development.

### Lead Security Engineer @ Alchemy
Jan 2022 – Jan 2024 | San Francisco, CA
- Engineered and executed the company's comprehensive security strategy, aligning it with business goals and achieving SOC II Type 2 compliance.
- Engineered and implemented foundational security programs, including cloud, application, and corporate security, enhancing overall security posture.
- Developed and deploy Single Sign-On using OAuth2/OpenID Connect, rolled out to enterprise customers, and owned ongoing feature support.
- Conducted risk assessments and vulnerability assessments, implementing mitigation strategies and managing external security vendors.
- Designed and executed a robust incident response plan, including Disaster Recovery and Incident Response Tabletop Exercises, reducing detection and response times.
- Championed DevSecOps practices, integrating security into the software development lifecycle and overseeing the secure migration of core infrastructure components.
- Built and led a cross-functional security engineering team, establishing scalable security policies and promoting a security-first culture.

### Application Security Engineer @ Robinhood
Jan 2020 – Jan 2022 | Menlo Park, CA
- Directly responsible for Static Application Security Testing (SAST) strategy, design, and engineering. Integrated systems for vulnerable dependency scanning and secret scanning of code repositories and Slack.
- Performed security reviews of system design documents, code changes, and new vendors.
Partnered with developers to remediate vulnerabilities in applications and systems.
- Managed public bug bounty program by communicating with external researchers, validating findings, working with internal teams to remediate vulnerabilities, and paying out bounties.
- Oversaw company’s developer security education covering common secure coding practices and common security issues.


## Education
### Bachelor of Engineering (B.E.) in Computer Engineering
Ryerson University


## Contact & Social
- LinkedIn: https://linkedin.com/in/robert-coleman
- Website: https://github.com/robertTheHub

---
Source: https://flows.cv/robertc
JSON Resume: https://flows.cv/robertc/resume.json
Last updated: 2026-04-07