Session Name: The Evolution of a Security Champion
In this talk, we will explore: (1) The roots of a security champion, (2) The roles of a security champion, (3) What motivates a security champion, (4) The indispensable traits of a security champion, (5) The indispensable skills of a security champion, (6) The indispensable resources that a security champion needs, (7) Ideas to identify and recruit a the perfect security champion, (8) Scaling your security champions program, and (9) Addressing the upskilling needs of a security champion. This talk is based on experiences of being a security champion, and being a security consultant that was responsible for creating and managing a security champions program. We will wrap up the talk by witnessing a showdown between a DevSecOps Engineer and a Security Champion.
Marudhamaran Gunasekaran is a Security Consultant with strong passion for securing software development through training and consulting. He enjoys working with Engineering and Operations teams to seamlessly imbibe the security mindset even before a single line of code is written. He is the developer and maintainer of the OWASP ZAP Dot Net API and you would find him speaking at various meet up groups and conferences on topics related to Agile Software Development and Security. Some of his certifications include Azure Certified Security Engineer, Microsoft Certified Trainer, ISO 27001 Lead Auditor, Professional Scrum Master I, II, and III, Certified DevSecOps Professional. His specialties are DevSecOps, Agile Coaching, Scrum, Microsoft Stack, threat modeling, and Auditing. He is a part of TUDelft Universities' MOOC courseware for Global software engineering, and an author at Pluralsight.