ALMAS KHAN

• Transformed organizational AppSec testing from ad-hoc requests to a mandatory release approval process across all projects, integrating security from the development phase.

• Led secure integration of 12+ major business projects into CI/CD pipelines with automated security testing and approval workflows.

• Oversaw 8+ enterprise audits and coordinated 70+ NYDFS compliance tests annually, ensuring complete regulatory alignment.

• Drove AI-enabled modernization by securely integrating AI-based tools into AppSec and governance workflows.

• Developed and authored AI policy, governance documentation, and risk management framework for ethical AI adoption.

• Implemented evidence automation that reduced manual audit preparation time by over 30%.

• Collaborated cross-functionally with 10+ business and engineering teams to align risk, compliance, and AppSec strategies.

• Managed third-party vendors and contractors supporting AppSec, DevSecOps, and audit operations; conducted performance reviews and ensured contractual SLAs were met.
• Collaborated with procurement and governance teams to onboard, review, and optimize vendor security capabilities, achieving improved vendor response and compliance timelines.

• Led AppSec solutioning and pre-sales support for enterprise/government clients.
• Worked with business partners to balance requirements, security and risk reduction.
• Traveled to client sites to perform onsite testing.
• Translated strategy into solutions and operating models by leading or managing others,

• Worked on InfoSec audits, vulnerability assessments, vendor risk governance.
• Created frameworks by designing and developing technical solutions.
• Liaised with third parties to respond to security events and understand threat landscape.
• Strengthened communication skills through regular interactions with others.
• Worked well in a team setting, providing support and guidance.

• Focused on IDAM, infrastructure security, and technical support.
• Created user accounts and assigned permissions.