Natalie Gamboa

Senior Engineering Director, Product Security

Reston, VA, United States

Details

Education: Bachelor of Arts (B.A.)

University of Virginia

1992 : 1995

Experience: Responsible for managing a DevSecOps team to develop automated solutions and support tooling to promote a ‘shift left’ security culture. Manage and evangelize DevSecOps Partner Program in order to achive our mission of promoting a Security Minded culture and motivating Dev teams to ‘shift left’ and bring security considerations into effect with the very first line of code or infrastructure configuration. Develop workshops and training programs to support and drive the concept of Security Champions. Monitor, report and socialize risk across the various Divisions, Programs and Portfolios at the CollegeBoard. Serve as the liaison to DevOps teams for all Security related questions or concerns, including Audit support and risk management. Actively work with dev teams to perform security reviews and drive down vulnerabilities across all our Divisions and Programs.

2020 : Present

The CollegeBoard

Senior Director, DevSecOps, Information Security Office

Responsible for creating, launching and growing the DevSecOps Partner Program in order to achive our mission of promoting a Security Minded culture and motivating Dev team to ‘shift left’ and bring security considerations into effect with the very first line of code or infrastructure configuration. Manage and support DevSecOps tools and systems that enable devops teams to become Security Champions. Monitor, report and socialize risk across the various Divisions, Programs and Portfolios at the CollegeBoard. Server as the liaison to DevOps teams for all Security related questions or concerns, including Audit support and risk management.

2019 : 2020

The College Board

Senior Program Manager, DevSecOps, Information Security Office

Responsible for managing and driving direction of Enterprise Configuration Management Team, CM Tools and Services, Processes and Automation, supporting over 300 applications and 600+ developers. Manage development of a comprehensive CMDB system from the ground up as a Product Owner leveraging SCRUM methodologies. Support and drive adoption of enterprise build and deployment system.

2013 : 2019

The College Board

Product Owner and Director of Configuration Management

• Lead a team of 7 CM Engineers and managed day to day operations of the CMTeam.

• Plan, track and manage all CM projects.

• Implement, maintain and support all SDLC tools utilized by IT, including vendor management.

• Research, develop, document and implement processes and Best Practices for CMTeam.

• Generate monthly executive reports.

• Generate CM Team metrics.

• Identify relevant training and skills for CMTeam growth and development (ITIL, SCRUM, SQL Server).

2009 : 2013

The CollegeBoard

Lead Configuration Management Engineer

• Support and mentor a team of 7 CM Engineers and managed day to day operations of the CMTeam.

• Plan, track and manage assigned CM projects.

• Implement, maintain and support all SDLC tools utilized by IT, including vendor management.

• Research, develop, document and implement processes and Best Practices for CMTeam.

• Generate monthly executive reports.

• Generate CM Team metrics.

2003 : 2009

The College Board

Senior CM Engineer

Company: The CollegeBoard

Years of Experience: 24

Spoken Language: Spanish

Skills

A3, agile methodologies, clearcase, clearquest, cmmi, Configuration Management, Continuous Improvement, Creative Problem Solving, integration, ITIL, it service management, Privacy Compliance, problem management, Problem Solving, program management, quality assurance, sdlc, software configuration management, software development, Software Development Life Cycle (SDLC), software project management, spanish, sql, subversion, testing, unix, Vendor Management, visio, Software Project, Software Configuration

About

OBJECTIVE

To excel in a position involving solutions delivery, strategic planning, management of projects, definition of industry best practices and in-depth process development. Want to contribute to and grow in the organization by participating in or leading project(s) that utilize my strong and demonstrated Program Management, Organizational, Project Management, Leadership, Customer Service, Communication, Application Security and Technical skills.

PROFILE

Motivated, driven, creative, flexible and versatile self-starter with over 20 years of professional experience. Talent for quickly mastering concepts and technologies. I am a hands-on, out-of-the-box thinker able to adapt to new demands with experience in Application Security, DevOps and DevSecOps, AWS, SDLC, Vendor and Tool Management, Agile, Operations, CM & RM, Resource and Project management. Have solid experience driving projects to completion, managing programs, working with customers and end users and leading and mentoring teams.

Flexible and versatile – able to maintain a sense of humor under pressure. Poised and competent with demonstrated ability to easily transcend cultural differences. Thrive in deadline-driven environments. Excellent process development skills. Experience in generating RFP’s, performing tool evaluations, and performing vendor management.

SKILLS SUMMARY

DevSecOps Experience

• Application Security, Security Gates in CI/CD, Software Composition Analysis, OWASP top 10, Vulnerability Management and Remediation, Secure Developer Training, Secure Code Review Training, Compliance and Audits, Risk Analysis

DevOps Experience (SDLC)

• CI/CD, Agile and SCRUM methodologies, Infrastructure as Code, Application Releases

Tool Adoptions, Integrations and Enterprise rollouts

• Procurement and Vendor Management, Tool Analysis and Selection, Pilots, Technical Documentation, Training, Tool Feature and Enhancement management

Release and Configuration Management

• Build Management, Artifact Management, Patch Management, Change Management, Process Development

Project/Program Management

• Requirements, Planning, Stakeholder Management, Communications, Delivery