Professional Resume Template for
Application Security
Elena M. Rodriguez
San Francisco, CA
(415) 555-0142
elena.rodriguez@email.com
linkedin.com/in/elena-rodriguez | github.com/elenarodriguez
Professional Summary
Pragmatic Application Security Engineer with 5 years of experience implementing secure software development lifecycles (SSDLC) and DevSecOps pipelines in cloud-native environments. Specializes in automating SAST/DAST/SCA tool integration within CI/CD pipelines, conducting hands-on threat modeling for AWS architectures, and performing secure code reviews in Java, Python, and Go. Proven track record of reducing vulnerability remediation timeframes by 38% and training 120+ software developers in secure coding practices to prevent OWASP Top 10 flaws. Professional certifications include CSSLP and AWS Certified Security Specialist.
Work Experience
Application Security Engineer — Logix Financial Systems
San Francisco, CA | July 2023 – Present
- Automated SAST and SCA scanning tools into the GitHub Actions CI/CD pipelines for 45 microservices, reducing vulnerability detection latency from 4 days to under 15 minutes.
- Led threat modeling sessions for 14 cloud-native web applications using STRIDE methodologies, identifying and mitigating 40+ security design flaws prior to production releases.
- Partnered with development teams to remediate 180+ critical and high vulnerabilities, resulting in a 42% decrease in overall application security risk metrics over 12 months.
- Designed and delivered secure coding training modules covering the OWASP Top 10, lowering developer-introduced injection flaws by 55% across 8 software engineering product teams.
Associate Security Engineer — NetFlow Security
San Jose, CA | June 2021 – June 2023
- Conducted secure code reviews and static analysis audits for 30+ Java and Python code repositories, identifying and resolving over 120 input validation and cryptographic flaws.
- Integrated DAST tools into active test suites, enabling daily vulnerability scans that cut external penetration testing finding counts by 33% year-over-year.
- Authored secure coding guidelines and libraries for standard authentication and encryption functions, eliminating repeat security defects in new feature development.
- Investigated and responded to 25+ application security alerts from bug bounty programs and internal reporting channels, coordinating patches within a 72-hour average SLA.
Education
Bachelor of Science in Computer Science
Santa Clara University · Santa Clara, CA · 2021
Skills
SAST, DAST, SCA, Threat Modeling, STRIDE, Secure Code Review, Cryptography, OWASP Top 10, Penetration Testing, CI/CD Integration, AWS, Java, Python, Go, GitHub Actions, Docker, Kubernetes, Burp Suite, SonarQube, Snyk, Semgrep
Projects
Automated Security Scanning Pipeline
Role: Lead Security Engineer
Tools: GitHub Actions, Semgrep, Snyk, DefectDojo
Designed and deployed a unified DevSecOps orchestration engine, scanning 50+ repositories automatically and reducing vulnerability resolution loops from weeks to 3 days.
Microservices Threat Model Audit
Role: AppSec Engineer
Tools: AWS, Threat Dragon, Draw.io, Confluence
Conducted comprehensive STRIDE threat modeling for a new cloud financial ledger system, uncovering 12 architecture defects before coding commenced.
Certifications
- Certified Secure Software Lifecycle Professional (CSSLP) (2023)
- AWS Certified Security - Specialty (2022)
Additional information
- Languages: English (Native), Mandarin (Conversational)
- Volunteer Work: Mentoring cybersecurity students through local professional chapters (2022-present)
- Availability: 3 weeks notice
Job Market Insights
Market data and opportunities for
Application Security
Job Market Insights
$120,000
-
$170,000
Avg:
$145,000
Growth Outlook:
The demand for Application Security Engineers in the United States is expanding rapidly as organizations adopt cloud-native microservices and continuous deployment models. With regulatory environments tightening and cyber threats targeting the software supply chain, application security has shifted from a periodic compliance check to a continuous development integration. Employment for information security professionals is projected to grow by 29% from 2024 to 2034, which is significantly faster than the national average.
29% growth over 10 years
Key Skills Required
Focus on these skills when customizing your resume for recruiter screenings.
Search Jobs
Explore live openings for
Application Security
roles and tailor your resume to match the market demand.
Search
Application Security
FAQ
Common questions about the
Application Security
position