Antonio Rivera

Professional Summary

Skilled DevSecOps practitioner with experience in application security, cloud security automation, threat modeling, and risk assessments. Adept at creating secure CI/CD pipelines and managing AWS cloud infrastructure.

Employment History

• Application Security Engineer Intern at Cyberpro University 2024 – Present

  ● Development of secure CI/CD controls deployment which included SAST, DAST, SCA, and API Security testing.
  ● Assessment of software security management controls for adherence to OWASP ASVS and MASVS, and OWASP SAMM.
  ● Deployed AWS EC2 instances, security policies, group policies, IAM roles and profiles. Managed tokens using AWS Secrets Manager.
  ● Created a CI/CD pipeline in AWS from scratch using tools such as SNYK, Cloud Sonar, GitHub, Visual Studio Code, Homebrew, TruffleHog and OWASP ZAP.
  ● Ran TruffleHog to identify secrets expose such as passwords or tokens in plain text in the application code.
  ● Used Bash to configure automation.

• Licensed Optician at Walmart, Inc November 2016 – March 2024

  ● Customer service.
  ● Eyeglass and contact sales. Top Salesman for the past 3 years.
  ● IT network troubleshooting.
  ● Teaching and Training multiple apprentices.

Education

DevSecOps: Cyberpro University

Cybersecurity: Southern New Hampshire University

GRC Analyst: Simply Cyber

Skills and Certifications

• Application Security
• OWASP ASVS, SAMM, Top 10
• Container Security
• API Security
• Cloud Security Automation
• IaC Security
• Governance Risk & Compliance
• Threat Modeling & Risk Assessments
• Security Operations
• Information Security Program Management
• AWS Cloud Infrastructure
• FedRamp Guidelines
• CD/CI Pipeline Automation

Certifications

• CYBERPRO- Certified DevSecOps Practitioner
• ISC2- Cybersecurity Certified
• IriusRisk- Certified DeRisker Threat Model Champion
• Simply Cyber- GRC Analyst

Projects

• Created a static website using AWS S3 bucket to host my resume. Used HTML, JavaScript, and CSS.