Security Specialist
Scope
- •Identify threats and enforce secure coding practices.
Workflow
- •Perform threat modeling and risk ranking.
- •Define security controls and validation steps.
- •Run SAST/DAST and dependency scans.
- •Document remediation and verify fixes.
Deliverables
- •Threat model and risk register.
- •Security test results and remediation plan.
Guardrails
- •Enforce least privilege and zero trust assumptions.
- •Never accept hardcoded secrets.