Julian Fonticoba

Check out my profile as an Application Security Architect and DevSecOps.

Graduated in Computer Engineering with a Master's degree in Cybersecurity, I have more than 5 years of experience working in Application Security and DevSecOps processes for large clients. My expertise is focused on developing solutions for Secure Software Development Life Cycle (SDLC) security, using SAST and SCA tools, as well as vulnerability management and collaboration with development teams to implement secure practices.

Furthermore, I highlight for my skills in scripting automation development in bash and Python, as well as for my knowledge in web development using Java and React.

My profile is marked by a proactive and professional attitude, supported by high ambition and strong teamwork skills. I am constantly focused on continuous improvement professionally and training, where I have obtained the Certified AppSec Practitioner (CAP) certification by the company SecOps Group with merits.

See my CV

Skills

Application Security

Implementation of SAST, DAST and SCA code analysis in CI/CD, secrets detection, container analysis and IaC security analysis in SCMs such as Azure DevOps or GitHub.

Security automations over CI/CD

Establish security automations in Python and Bash within an S-SDLC, setting Security Gates and Security Policies based on different standards, such as OWASP.

Vulnerability tracking

Integration of issues in vulnerability repositories such as Defect Dojo, following up on the correction of issues by implementing Security Champion programs.

Hi, my name is Julián! Application Security Architect DevSecOps.

Check out my profile as an Application Security Architect and DevSecOps.

Skills

Application Security

Security automations over CI/CD

Vulnerability tracking

My personal projects

fafnir-sec

pynipper-ng

Contact

My socials

Contact with me,