Alex Spencer
Fort Gibson,OK
Summary
Application Security Engineer with over four years of experience dedicated to providing world-class application security services. Experienced at training and educating users on relevant cyber security procedures and preventative measures. Specialized in vulnerability scanning, operating and managing security software, and working to prevent cyber-attacks, especially in business and corporate settings.
Overview
4
4
years of professional experience
1
1
Certification
Work History
Application Security Engineer
Saltworks Security
09.2019 - 11.2023
- Worked as a Security Consultant for various organizations in banking, healthcare, automotive, and government.
- Operated vulnerability scanning tools like Fortify SCA, Fortify on Demand, Snyk, and Checkmarx One.
- Scanned hundreds of unique web applications across a broad variety of programming languages, including: Java, Javascript, C++, .NET, Apex, Cobol, Python, Typescript, and Visual Basic.
- Performed false-positive reviews on scan results to verify authenticity.
- Ensured adherence to regulatory standards such as: HIPAA, PCI DSS, GDPR, CCPA, SOX, NIST, and NYDFS.
- Spearheaded remediation efforts to reduce business risk.
- Trained developers and team members on operation of security tools, namely Fortify SCA and Snyk.
- Communicated with diverse development teams, built rapport and long-term relationships, and achieved consistent remediation goals.
- Conducted multiple OWASP Software Assurance Maturity Model (SAMM) interviews designed to assess maturity of an organization's security posture.
- Created in-depth knowledge base on operation and usage of OSS/SAST/DAST scanning.
Education
Bachelor of Science - Cyber Security
Northeastern State University
Tahlequah, OK05-2019
Skills
- Vulnerability Assessment
- Application Security Architecture
- Developer Security Training
- Risk Analysis
- Security Auditing and Compliance
Certification
Checkmarx Certified Partner Engineer
Checkmarx | November 2023
Demonstrated proficiency in Application Security training in Checkmarx One and the ability to conduct a full product demonstration of the Checkmarx One platform.
Fortify SCA & SSC Certified Practitioner
OpenText | March 2022
This certification provides participants with demonstrations and hands-on activities using a practical, solutions-based approach to identify and mitigate today’s most common business security risks to applications. A student will learn to scan, assess and secure applications using the Fortify Static Code Analyzer (SCA) and Software Security Center (SSC).
Timeline
Application Security Engineer
Saltworks Security
09.2019 - 11.2023
Bachelor of Science - Cyber Security
Northeastern State University
Similar Profiles
Mark LewisMark Lewis
Chief Revenue Officer at Saltworks Security, Inc.Chief Revenue Officer at Saltworks Security, Inc.
ZIYUE WU, EITZIYUE WU, EIT
Controls & Automation Engineer at Saltworks TechnologiesControls & Automation Engineer at Saltworks Technologies
Pauline YeungPauline Yeung
Accounting Assistant at Saltworks Technologies IncAccounting Assistant at Saltworks Technologies Inc