Product Security Software Development
Resume:
Kim Zvik *******@*****.*** 510-***-****
Innovative Software Leader and Security Visionary
Trailblazing technologist with a career rooted in Artificial Intelligence (AI) and a passion for transforming how software operates—from infrastructure to code. Currently focused on enhancing developer workflows with security-driven automation and bots. Over 30 years of experience in tiered systems design and software security, particularly within the Financial Services sector. Proven leadership in DevSecOps with a track record of managing high-performing teams of up to 50. Known for driving Secure Software Development Lifecycle
(SSDLC) transformations and implementing scalable, continuous deployment practices across complex environments.
Software Engineering Cloud Transformation Leadership Security Experience
Senior Manager, Product Security – Information Security Rubrik San Francisco Bay Area 2024 - Present
Establish and scale a Global Product Security team to assess new products and features, including Salesforce Data Protection and AI offerings.
Partnering with the Global Program Management team to lead security engineering initiatives, organizing a company-wide “Security Fix Week” engaging over 800 engineers.
Chair of the Product Security Council Board, driving strategic security alignment across the organization.
Lead the CVE submission process and directed the implementation of the Secure by Design CISA pledge in partnership with Product Management.
Actively contribute to CVE remediation efforts, enabling product compliance with FedRAMP Medium certification standards.
Securing the software supply chain, including governance over open-source software ingestion.
Collaborating with Global Risk and Compliance teams to review and approve production releases from a security and compliance standpoint.
Advising Legal teams on complex technical matters involving data privacy and protection.
Automating dormant account cleanup processes and leading service account review initiatives across products.
Design and build a system to centralize and normalize product security reviews over a decade of product knowledge across 12 product pillars. Technologies: Endor Labs, Snyk, Legit, Wiz, Prisma Cloud, Palo Alto Networks, Azure, GCP, AWS, Jenkins, Terraform
Kim Zvik *******@*****.*** 510-***-****
Senior Cloud Architect - Technology Modernization
JPMorgan Chase & Co. San Francisco Bay Area 2022 - 2023 Contractor who championed end-to-end DevOps and modern software development practices, guiding teams in adopting CI/CD pipelines using Jenkins, SonarQube, and deploying Artifactory images to EKS via Terraform.
Led strategic assessments and modernization of development workflows, including database migrations to AWS to enhance scalability and performance.
Delivered innovative, business-aligned solutions that drove transformative outcomes amid major organizational changes.
Directed the successful migration of over 7,000 applications from Cloud Foundry to AWS using Kubernetes and ECS, significantly enhancing cloud agility.
Modernized legacy applications and engineering processes, including automation of infrastructure requests like firewall configurations.
Collaborated with cross-functional technology teams to assess and optimize toolchain architecture and implement integrated solutions.
Streamlined handoff processes across 80,000 engineers, resulting in millions in cost savings and substantial gains in development velocity.
Built tools to enhance operational efficiency, such as a Go-based system that auto-generates and deploys Kubernetes artifacts on AWS.
Simplified application migration by abstracting technical complexities and educating teams on running services effectively in containerized environments like Kubernetes. Technologies: AWS, Kubernetes, Cloud Formation, Terraform, .Net, Golang Senior Director - DevSecOps Cloud Transformation
Federal Deposit Insurance Corporation (FDIC) San Francisco Bay Area 2021 - 2022 Designed and delivered an advanced DevSecOps platform for a federal financial agency, ensuring secure, scalable, and efficient software delivery across critical systems.
Provided executive leadership and expert guidance in software engineering, DevSecOps, Agile methodologies, IT Service Management (ITSM), and Lean practices, driving cross-functional teams toward operational excellence.
Led the design, development, testing, and continuous management of integrated DevSecOps processes and toolchains, aligning with organizational security and innovation goals.
Drove the strategic development and deployment of new capabilities, leveraging a DevSecOps-driven approach to accelerate organizational transformation and enhance security posture.
Oversaw the implementation and maintenance of test automation and performance testing solutions, ensuring application and infrastructure reliability across the enterprise.
Conducted value stream analyses across multiple departments, delivering strategic recommendations and guiding their execution to streamline workflows and improve efficiency.
Served as a trusted technical consultant for senior leadership, providing insights and strategic direction on enterprise-level DevSecOps initiatives, toolchain architecture, and platform deployment.
Kim Zvik *******@*****.*** 510-***-****
Technologies: AWS, Kubernetes, Cloud Formation, Terraform, .Net, Golang, Java, Python Ansible, Docker, Git, Spinnaker, Jenkins, Maven, Cloud- Foundry. Senior Cloud Engineer - Cloud Transformation
JPMorgan Chase & Co. San Francisco Bay Area 2021
Designed and implemented next-generation cloud infrastructure leveraging AWS, GCP, and Azure, with a strong focus on security, compliance, and operational efficiency.
Played a key role in rapidly transitioning First Republic Bank’s operations to the cloud, working within a small, agile team to deliver high-impact results aligned with business goals.
Employed Infrastructure as Code (IaC) and automation tools to streamline application deployments in a fast-paced, dynamic environment.
Collaborated with cross-functional teams to architect and deliver solutions to complex technical challenges across cloud platforms.
Led mentorship and coaching efforts for fellow engineers, fostering knowledge sharing and technical growth.
Successfully migrated applications from legacy internal virtualized environments to scalable, resilient public cloud infrastructure.
Automated deployment pipelines and infrastructure provisioning for new applications using tools such as Terraform and Ansible.
Technologies: Kubernetes, Zero Trust, Software Bill of Materials (SBOM), GitHub AE, Azure,
.Net, Java, Maven, Ant, Terraform, InfoBlox, Ansible, SailPoint Senior Cloud Security Engineer – Kubernetes Security & Infrastructure Hardening Splunk San Francisco Bay Area 2021
Led the security hardening and implementation of global Kubernetes environments across on-prem, AWS EKS, and GCP GKE, ensuring robust security practices aligned with business objectives.
Designed, tested, deployed, and implemented advanced security tooling to strengthen production Kubernetes infrastructures, enhancing resilience and compliance.
Collaborated with Cloud infrastructure and product teams to migrate workloads to Kubernetes, ensuring secure-by-default configurations and seamless integration across the stack.
Managed key security areas, including network security, certificate management, pod security policies, role-based access control (RBAC), service mesh security (Istio), OPA, and other critical security initiatives.
Proactively identified, triaged, and remediated security vulnerabilities in Kubernetes environments, working cross-functionally to ensure timely resolution and minimal risk exposure.
Worked directly with product engineering teams to deliver customized security solutions, providing ongoing support to meet evolving security requirements.
Served as a security advocate, promoting best practices and fostering security awareness across the organization.
Panelist at Thrive-Wise, offering insights on SolarWinds security breaches and best practices for preventing cyber attacks.
Kim Zvik *******@*****.*** 510-***-****
Technologies: Tenable.io, K8s, Istio, Phantom, StackRox, Signal Science Director - Global Credit Scoring Implementation
FICO San Francisco Bay Area 2020
Directed the worldwide implementation and delivery of a consumer credit scoring algorithm, driving strategic initiatives to enhance performance and scalability on a global scale.
Led the transformation of a legacy predictive analytics scoring system to a cloud-native architecture, optimizing delivery and analytics capabilities.
Managed and scaled a high-performing global team responsible for packaging and deploying scoring software across 53+ countries, ensuring alignment with business goals and regulatory requirements.
Oversaw a $3M budget for B2B scoring consulting projects, managing resources and timelines to meet the evolving needs of key clients.
Championed a DevOps transformation strategy, improving collaboration, automation, and operational efficiencies across development and operations teams.
Architected and delivered a Score-as-a-Service (SaaS) platform for a major credit bureau partner on Google Cloud, enhancing scalability and service delivery. Technologies: Predictive Analytics, AWS, Checkmarx, BlackDuck, Enterprise Recon, Kubernetes, Docker.
Principal Engineer – Cloud Transformation & Infrastructure Strategy Salesforce San Francisco Bay Area 2018 - 2020
Led the cloud transformation initiative, migrating from Oracle databases to a Salesforce proprietary database across AWS, GCP, and Alibaba Cloud platforms, ensuring seamless scalability and operational efficiency.
Spearheaded the implementation of Infrastructure as Code (IaC) to create fault-tolerant, immutable data infrastructure, leveraging Spinnaker templates for automated deployment and scaling.
Served as a strategic advisor to the CTO, playing a pivotal role in forming a dedicated open-source team responsible for managing customizations of Apache Zookeeper across 16 departments.
Directed the successful migration of 60,000 servers to utilize mutual TLS (mTLS) for enhanced security, collaborating closely with the Security CTO to align efforts with enterprise security standards.
Technologies: Python, Java, Zookeeper, BookKeeper, AWS, GCP, Linux, Spinnaker, Kubernetes, FedRAMP.
Senior DevOps Manager – Autonomous Vehicle Navigation Technology HERE Technologies San Francisco Bay Area 2017 - 2018 Led the global DevOps strategy for autonomous vehicle navigation technology, leveraging AWS to drive scalable, secure, and efficient operations.
Orchestrated the migration of Oracle databases to AWS Relational Database Service (RDS), enhancing data management and cloud scalability.
Kim Zvik *******@*****.*** 510-***-****
Designed and implemented an automated workflow for onboarding microservices, collaborating across Security, Legal, and other cross-functional teams to streamline processes.
Proactively remediated security vulnerabilities within AWS environments, ensuring compliance with industry standards and best practices Technologies: AWS, Kubernetes, Jenkins, Java, XLRelease, Gerrit, iPAM, Cloudability Associate Director – Cloud Transformation & Security Remediation Moody's Corporation San Francisco Bay Area 2015 - 2017 Led the remediation of security vulnerabilities across 30+ products in collaboration with global development teams, ensuring adherence to best practices and compliance standards.
Managed the successful cloud transformation of the organization's file transfer system, migrating to AWS and Azure for enhanced scalability and performance.
Directed the migration of 20 years' worth of intellectual property to a new wiki platform, streamlining knowledge management and ensuring easy access across teams. Education University of California, Berkeley, California Bachelor's Degree Board Advisory
Advisory Council Member – Continuing Education, Women in Leadership California State University, Northern California (Remote) 2021 - 2022
Provide strategic guidance to enhance the reputation, relevance, and quality of credit and non-credit programs, ensuring alignment with community and business needs.
Support the School’s mission to bridge industry and academia by sharing professional expertise through classroom visits, forums, and conferences.
Advise on curriculum development and program offerings to strengthen industry engagement and expand educational impact.
Speaking Engagements
American Association of University Women - Keynote Speaker
Tegus - Silicon Valley Bank (SVB) Failure
Thrive-Wise - Colonial Pipeline Cyber Attack and Preventative Security Certifications
The Berkeley Executive Leadership Program, UC Berkeley - Haas School of Business
Certified SCRUM Master, Salesforce
Advanced Project Management - Stanford University
Artificial Intelligence (AI) - UC Berkeley, Executive Education
Object Oriented Database Design, Stanford Univ. & Western Institute for Computer Science Additional Job History Available
Contact this candidate