arnaudhightower

Security Engineering & Risk Mitigation

• Led the design and implementation of security protocols across cloud infrastructure (AWS/GCP/Azure), reducing incident risk by over 60%.
• Conducted regular vulnerability assessments and penetration tests, remediating critical findings and improving system hardening.
• Developed and enforced company-wide security policies, including access control, encryption standards, and secure coding practices.

Incident Response & Threat Detection

• Built and maintained SIEM and IDS/IPS systems, enabling real-time detection and response to security events.
• Acted as lead incident responder during multiple critical security events, coordinating investigation, containment, and post-incident reviews.
• Automated log analysis and alerting pipelines, reducing time-to-detection by 40%.

Compliance & Security Audits

• Assisted with internal and external audits (SOC 2, ISO 27001), preparing documentation and ensuring controls met compliance standards.
• Worked closely with legal and compliance teams to maintain data protection policies aligned with GDPR, CCPA, and industry regulations.

Cross-Functional Collaboration & Education

• Partnered with DevOps and engineering teams to embed security into CI/CD pipelines (DevSecOps).
• Conducted company-wide security awareness training sessions, reducing phishing susceptibility among employees.
• Advised product and business teams on security implications of new features or partnerships.