Principal Product Security Engineer focused on offensive security, secure engineering, and building security programs that scale.
Principal Product Security Engineer
2024 – Present
NielsenIQ
- Lead the enterprise Penetration Testing program
- Drive Product Vulnerability Disclosure (VPD) and Bug Bounty initiatives
- Offensive security across Web, Mobile, APIs, Cloud and AI platforms
- Support Application Security through SAST, DAST, WAF and secure SDLC initiatives
- Partner with engineering teams on secure architecture and design reviews
- Build internal security tooling and automation
- Advance AI Security and secure adoption of LLM technologies
- Mentor engineers and help grow security culture across product teams
Areas of Expertise
Offensive Security · Web · API · Mobile · Cloud · Internal · External
Application Security · Secure SDLC · Threat Modeling · SAST · DAST · WAF · Security Reviews
Cloud Security · AWS · Azure · Containers · IAM · Kubernetes
AI Security · LLM Security · Prompt Injection · AI Risk Assessment · Secure AI Adoption
Engineering · Python · Automation · CI/CD Security · Security Tooling
Leadership · Technical Strategy · Mentorship · Security Programs · Cross-functional Collaboration
Education & Certifications
Bachelor of Computer Science — Computer Networks & Security
Universiti Teknologi Malaysia
- GPA 3.99 / 4.00
Professional Certifications
- OSCP
- GCPN (GIAC Cloud Penetration Tester)
- eWPTXv2
