Summary
Overview
Work History
Education
Skills
Certification
Languages
Timeline
Generic

Haysel Santiago

Horsham,United States

Summary

Application Security Engineer with 8+ years of experience securing enterprise environments across retail, healthcare, and financial sectors. Proven ability to reduce exploitable risk through scalable vulnerability management programs, automated SAST gating, and strong developer collaboration. Experienced integrating security controls into CI/CD pipelines and supporting both cloud and on-premise infrastructure security initiatives. Known for translating security risk into actionable remediation strategies and executive-level reporting.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Staff Cyber Technical Specialist

Albertsons
Remote
11.2022 - Current
  • Implemented GitHub SAST gating across CI/CD pipelines, preventing 95% of critical vulnerabilities from reaching production environments.
  • Worked with engineering teams to review application architectures and recommend security controls for new services and deployments.
  • Automated Veracode user access provisioning using Python, reducing manual administrative workload and improving application security onboarding processes.
  • Acted as the primary InfoSec liaison for multiple business units, driving vulnerability remediation initiatives and delivering executive-level risk reporting.

Application Security Engineer

National Board Of Medical Examiners
Philadelphia, PA
11.2021 - 11.2022
  • Conducted security assessments on applications to identify vulnerabilities and risks.
  • Developed and implemented secure coding standards and best practices for development teams.
  • Collaborated with cross-functional teams to integrate security measures into software development lifecycle.
  • Executed automated SAST and infrastructure security scans, identifying and remediating 200+ high and critical vulnerabilities across enterprise systems.
  • Supported incident response investigations, helping identify root causes related to security misconfigurations and system weaknesses.

Technical Instructor (Contract)

Code Differently
Wilmington, DE
08.2021 - 11.2021
  • Developed and delivered technical curriculum for software development courses.
  • Facilitated hands-on coding workshops to enhance student engagement and learning outcomes.
  • Implemented assessment tools to evaluate student progress and provide constructive feedback.
  • Introduced students to GitHub workflows, Windows administration fundamentals, and secure development principles.

Cyber Vulnerability Management Analyst

JPMorgan Chase
Wilmington, DE
09.2019 - 08.2021
  • Partnered with development and infrastructure teams to drive enterprise vulnerability remediation campaigns across multiple business units.
  • Produced executive-level reporting on enterprise security posture, including patch compliance metrics, and firewall misconfigurations.
  • Analyzed operational data to identify trends and support strategic decision-making initiatives.

Software Engineer

JPMorgan Chase
Wilmington, DE
06.2018 - 09.2019
  • Developed scalable software solutions using Java and Python to enhance application performance.
  • Worked with cross-functional teams in Agile environments to deliver high-quality software products on schedule.
  • Implemented continuous integration and deployment (CI/CD) pipelines to streamline development workflows.

Education

Bachelor of Science -

Pennsylvania State University
Middletown, PA
12-2015

Skills

  • Secure SDLC
  • SAST/DAST
  • OWASP Top 10
  • Ci/CD security integration
  • Security posture metrics
  • Veracode
  • Github Actions
  • Python automation
  • AWS fundamentals

Certification

  • Trusted AI Safety Expert (TAISE) Certificate - December 2025
  • Certificate of Cloud Security Knowledge (CCSK) - Cloud Security Alliance - March 2025
  • Google IT Support Professional Certificate - 2021
  • Certified Scrum Master (CSM) - Scrum Alliance - 2021
  • CISSP - In Progress (Target 2026)

Languages

Spanish
Native or Bilingual

Timeline

Staff Cyber Technical Specialist

Albertsons
11.2022 - Current

Application Security Engineer

National Board Of Medical Examiners
11.2021 - 11.2022

Technical Instructor (Contract)

Code Differently
08.2021 - 11.2021

Cyber Vulnerability Management Analyst

JPMorgan Chase
09.2019 - 08.2021

Software Engineer

JPMorgan Chase
06.2018 - 09.2019

Bachelor of Science -

Pennsylvania State University

Similar Profiles

  • Iyyappan GopalIyyappan Gopal

    Staff Risk Expert Technical Information Security Advisor (TISA) at Walmart Global TechStaff Risk Expert Technical Information Security Advisor (TISA) at Walmart Global Tech

  • Ravindra Moorthy NeriyanuriRavindra Moorthy Neriyanuri

    Associate Vice President, Cyber Security and Risk Management Practice at Tech Mahindra AmericasAssociate Vice President, Cyber Security and Risk Management Practice at Tech Mahindra Americas

  • Daniel ElderDaniel Elder

    Sr Cyber Security Engineer at Sinclair Broadcast GroupSr Cyber Security Engineer at Sinclair Broadcast Group

  • Luiz VieiraLuiz Vieira

    Global Director, Technical Audit & Assurance at MambuGlobal Director, Technical Audit & Assurance at Mambu

CREATE PROFILE