Finding vulnerabilities in your SDLC before the threat actors do.
An AppSec Architect who speaks fluent Developer, bridging the gap between deep software engineering roots and advanced cloud vulnerability management at scale.
Summary
Security-focused Vulnerability Management Engineer and AppSec Architect with over 15 years of deep enterprise experience securing hybrid, multi-cloud, and large-scale application environments. Bridging the gap between deep development roots and advanced security strategy, Zachary specializes in building secure-by-design software, automating the Software Development Lifecycle (SDLC), and engineering robust vulnerability management pipelines. Proven expertise in Tenable platform administration, SIEM detection tuning, and building custom security automation workflows using Python, SQL, REST APIs, and business intelligence tooling to eliminate risk at scale.
Expertise
Enterprise Application Security & SDLC
Leading AppSec initiatives for large-scale environments, including secure coding standards, threat modeling, and code review automation.
- DevSecOps Gating: Integrating automated security tooling (SAST/DAST/SCA) directly into CI/CD pipelines.
- Secure-by-Design: Aligning software engineering teams with robust web application standards (OWASP Top 10) and least-privilege principles.
Vulnerability Management & Pipeline Engineering
Deep technical expertise in orchestrating continuous scanning, validation, and prioritization pipelines across complex corporate ecosystems.
- Platform Administration: Primary architect for enterprise Tenable suites (Nessus, Tenable.sc, Tenable VM, Cloud, and IoT).
- Workflow Automation: Engineering custom data scripts (Python, PowerShell, SQL, REST APIs) to automate triage, reporting, and ticketing (ServiceNow/Jira).
SIEM, Analytics & Detection Engineering
Transforming raw security telemetry into actionable, prioritized operational intelligence.
- Detection Tuning: Developing and refining detection logic and alert filtering inside IBM QRadar, Splunk, and ELK Stack environments.
- Security Business Intelligence: Building centralized data models (MSSQL/PostgreSQL) and interactive Power BI executive dashboards for compliance and exposure tracking.
Hybrid & Cloud-Native Security
Leveraging extensive infrastructure engineering experience to secure modern, distributed workloads.
- Cloud Architecture: Hardening infrastructure across Azure, AWS, GCP, and Oracle Cloud environments.
- Containerization & Config: Securing containerized workloads (Docker) and microservices, and using Infrastructure as Code (Ansible/YAML).