josuecarvajal
Sr Sec Ops Engineer
Highly motivated and experienced Senior Security Software Engineer with a proven track record of success in implementing and managing secure and reliable systems. Expertise in application security, DevSecOps, and cloud-native technologies. Proven ability to lead and mentor teams, and a passion for driving innovation and efficiency. Eager to contribute to the success of a forward-thinking organization and leverage expertise to ensure the highest levels of system reliability and security.
Experience: 7 years
Yearly salary: $140,000
Hourly rate: $70
Nationality: 🇨🇷 Costa Rica
Residency: 🇨🇷 Costa Rica
Experience
Sr Blockchain SecOps
QuickNode 2025 - 2026
QuickNode is one of the most trusted blockchain infrastructure providers, powering Web3 applications at scale. My role focuses on making sure that this foundation stays secure, resilient, and compliant across multi-chain systems. Key responsabilities System Hardening & Container Security – Strengthen the full stack, from bare-metal servers and VMs to Docker and Kubernetes. I apply secure configurations, shrink attack surfaces, and enforce least-privilege access. Secure Development & Vulnerability Management – Build security into the CI/CD pipeline, automate vulnerability detection, and work closely with engineers to apply secure-by-design practices throughout the software lifecycle. Application Security & External Audits – Review code-level security for several code bases including MCP AI servers and address findings from HackerOne and external auditors, and ensure fixes are integrated without slowing down innovation. At the core, I help protect the services that developers, enterprises, and protocols rely on to build the future of Web3.
Sr Security Software Engineer (AppSec)
Equifax 2024 - 2025
Perform SAST, SCA analysis to code base written in Go, Java, C++, and Typescript. Implement automation on pipelines to scan and audit codebases. Worked on implementing AI to enhance the security audit process.
Sr Security Software Engineer (DEVSECOPS)
Wind River Systems 2022 - 2024
Lead Vault Hashicorp implementation for a cloud-native DevOps platform. Performed threat modeling, vulnerability analysis, and application security hardening. Implemented architecture designs and code changes that saved significant installation time.
Security Software Engineer (AppSec)
Microfocus (OpenText) 2019 - 2022
Provided technical guidance to customers, project managers, and engineering teams. Secured ArcSight products in Cloud and on-prem systems by implementing vulnerability fixes and teaching team members about vulnerability management. Lead a team to provide hotfixes for customer production environments.
Developer Lead
Buklolab Research & Analytics 2018 - 2019
Meet with customers and gather requirements and translate them to an easy to understand technical requirements Architecture and design the software, interfaces, and how the different products will interact together Lead a team of 5 people to successfully present weekly deliverables to the customer
Skills
blockchain
devops
golang
java
python
smart-contract
web3
security
english
spanish