QA/ Cybersecurity/ Product Analysis

LaMar Lofton

Marietta, GA ***** • 210-***-**** • *************@*****.*** • linkedin.com/in/lamar-lofton

Active Secret Security Clearance U.S. Army Veteran Security+ (Renewal in Progress) CEH (In Progress)

PROFESSIONAL SUMMARY

Cybersecurity-focused QA Engineer and Analyst with 5+ years of experience in security validation, vulnerability assessment, risk documentation, and secure SDLC practices across web, mobile, and API platforms. Proven ability to identify vulnerabilities, validate security controls, and translate technical findings into actionable reporting. Former U.S. Army Power Generation Engineer with active Secret Clearance and direct experience supporting DoD-aligned systems. Holds a Claude AI Mastery Certification with hands-on GenAI workflow automation. Actively targeting entry-to-mid-level Cybersecurity Analyst, SOC Analyst, Risk Analyst, and QA/Product Analyst roles where analytical precision, security testing expertise, and clear documentation create immediate impact.

CORE COMPETENCIES

Cybersecurity & Risk: Vulnerability Assessment • Risk Documentation & Reporting • OWASP Top 10 • Secure SDLC • NIST Awareness • DoD/DHS Compliance • Penetration Testing (Basic) Security Controls Validation • Threat Analysis • Social Listening / OSINT

QA & Testing: Manual & Automated Testing • Test Plan Execution • Test Case Creation • Defect Tracking • UAT • API Testing • Regression Testing • Agile/Scrum

Tools & Platforms: Selenium • Playwright • Postman • JIRA • Azure DevOps • Jenkins • Burp Suite • OWASP ZAP • SQL • VS Code • Java • JavaScript

AI & Automation: Prompt Engineering • GenAI Workflow Automation • Claude AI • ChatGPT • Copilot • Midjourney • Gemini

PROFESSIONAL EXPERIENCE

Senior Software Tester Homeland Security / FEMA Aug 2024 – Dec 2025

•Developed and executed secure software testing strategies — including manual and automated testing — for mission-critical government applications aligned to DHS cybersecurity requirements.

•Led QA efforts ensuring applications met federal compliance standards; partnered with InfoSec and project teams to embed security requirements directly into the QA pipeline.

•Diagnosed and resolved security vulnerabilities and system integrity issues, producing clear remediation documentation for engineering teams.

•Drove enterprise risk management activities: defined risk criteria, led risk identification workshops, and produced risk-focused status reports for program leadership.

•Championed a security-first QA culture by establishing documentation standards and mentoring team members on secure testing best practices.

Software Test Manager Appddiction Studio Oct 2018 – Feb 2026

•Directed end-to-end automated test suite development for web, mobile, and API applications, reduced regression cycle time through reusable Selenium and Playwright frameworks.

•Agile Scrum methodologies to manage multiple concurrent projects, ensuring on-time delivery while maintaining security and quality standards.

•Debugged and profiled software across desktop and mobile platforms with a focus on secure handling of user data and PII.

•Supported cross-functional risk management activities, coordinating with the Project Delivery team to track and mitigate operational risk.

•Mentored junior testers on QA best practices, OWASP Top 10 awareness, and secure testing methodologies.

Software Product Tester / QA Product Analyst Candor Technology Inc. Sep 2021 – Mar 2023

•Analyzed product requirements and supported development teams throughout Agile sprint cycles for mortgage-related software platforms.

•Executed SQL queries to validate data accuracy, investigate anomalies, and support root cause analysis of system issues.

•Evaluated corrective and preventive actions (CAPAs) to confirm they met reliability and risk mitigation standards.

•Conducted functional testing, documented defects in Azure DevOps, and collaborated with developers and product managers to drive resolution.

•Assisted in user acceptance testing (UAT) and ensured product readiness for release, identifying process improvements that enhanced efficiency and usability.

Power Generation Engineer U.S. Army Aug 2012 – Aug 2020

•Operated and maintained mission-critical power systems under strict security, safety, and DoD operational protocols.

•Maintained accountability of sensitive equipment and classified documentation in controlled environments, reinforcing risk awareness and procedural compliance.

•Collaborated with leadership and program managers on logistics, health IT, and operational readiness initiatives across multiple deployments.

CERTIFICATIONS & CLEARANCE

•Active Secret Security Clearance

•Claude AI Mastery Certification – AI Workflow & Prompt Engineering

•Midjourney AI Certification

•Gemini AI Certification

•Lovable AI Certification

•Certified Ethical Hacker (CEH) – In Progress

•CompTIA Security+ – Renewal in Progress

EDUCATION

Full Stack Java Career Accelerator Codeup Jan 2018 – Mar 2019

Intensive program covering Java, SQL, JavaScript, HTML/CSS, and full-stack web development with a focus on collaborative, project-based learning.

CYBERSECURITY PROJECTS & SIMULATIONS

AIG Shields Up – Cybersecurity Virtual Experience (Forage) Feb 2026

•Completed threat analysis simulation for the Cyber Defense Unit; researched CISA-published vulnerabilities and drafted remediation guidance for affected teams.

•I wrote a Python script for ethical hacking to brute-force decryption keys, demonstrating practical scripting skills in a ransomware scenario.

Mastercard Cybersecurity Virtual Experience (Forage) Feb 2026

•Served as analyst on Mastercard's Security Awareness Team; identified and reported phishing threats and assessed which business units required enhanced security training.

Deloitte Australia Cyber Job Simulation (Forage) Feb 2026

•Analyzed web activity logs to support a client through a cybersecurity breach; identified suspicious user activity patterns and contributed to incident documentation.

Vista Equity Partners – AI in Action Job Simulation (Forage) Feb 2026

•Applied Vista's four-part prompt framework (Ask, Context, Examples, Desired Output) to synthesize NPS survey data into executive-ready insights, improving output clarity by 50%+ through iteration.

•Designed and tested repeatable GenAI workflows for news aggregation, data reconciliation, and qualitative insight summarization using ChatGPT and Copilot.

Open-Source Threat Monitoring & Social Listening Reports Ongoing

•Monitor public platforms (Reddit, GitHub, security blogs/forums) to identify emerging cybersecurity threats, vulnerability disclosures, and potential data leak discussions, producing structured intelligence reports.

Contact this candidate