Brandon Braswell

Information Security Engineer

Charlotte Metro

About

Experience

  • Senior Cybersecurity Engineer at AT&T
    Aug 2025 - Present · 1 yr

    -Engineer and maintain CI/CD pipelines using GitHub Actions and Jenkins to support security integration for 100+ GitHub repositories. -Built Power Automate workflows leveraging generative AI (Copilot and AT&T generative AI platform) to automate manual compliance requests, reducing manual effort for server non-compliance remediation. -Developed a GitHub-based deployment intake system using issue forms to trigger automated vulnerability and dependency scanning prior to Jira ticket creation. -Integrated CycloneDX into GitHub Actions to automate SBOM (Software Bill of Materials) generation, ensuring continuous PCI audit compliance. -Serve as the Technical Application Owner for two business-critical, customer-facing applications, overseeing vulnerability management, metadata mapping, and user-access reviews to establish a technical "Source of Truth" for internal and external audits.

  • TIAA (2 yrs 3 mos)
    • API Security Engineer
      Dec 2024 - Aug 2025 · 9 mos

      Contributed to building API endpoints for internal data encryption and participated in designing and implementing a policy-based authorization engine to strengthen IAM controls. Developed a GitLab CI/CD pipeline to validate file syntax in open merge requests. Worked with JWT authorization, including evaluating caching strategies for JSON Web Key Sets.

    • IAM Engineer
      May 2024 - Dec 2024 · 8 mos

      I worked with BoKs Linux Authentication system, developing Ruby scripts to automate tasks previously performed manually by the IAM Operations team, which improved system efficiency and reliability. I also designed a new Software Development Life Cycle (SDLC) process that improved version control in our SailPoint codebase and streamlined the promotion of code from development to production environments, significantly improving deployment consistency and traceability.

    • Cloud Security - Vulnerability Management Engineer
      Dec 2023 - May 2024 · 6 mos

      I worked with the cybersecurity tool Wiz to write Cloud Configuration Rules that would monitor TIAA cloud resources. These cloud configuration rules would ensure that cloud resources followed desired rules and regulations.

  • Cyber Security Analyst at TIAA
    May 2022 - Aug 2022 · 4 mos

    Technology intern working on the Cybersecurity Software Release Management team. I am responsible for reviewing and scheduling product changes to ensure the changes are compliant with Change Management policy and to reduce the risk that changes will have a negative impact on the production environment. I am responsible for end to end oversight of the change requests and utilized tools such as Archer and ServiceNow.

  • Cyber Security Analyst at TIAA
    May 2021 - Aug 2021 · 4 mos

    Technology intern working on the Cybersecurity Detection and Response team. I was responsible for identifying and resolving possible phishing attacks and detecting network attacks utilizing tools such as CrowdStrike, WireShark, Palo Alto, and FireEye.