New York City Metropolitan Area
I built the data layer that turns security noise into decisions. As an Attack Surface Management Analyst & Security Data Engineer at Becton, Dickinson & Company (BD), I work at the intersection of vulnerability management and data engineering - building the pipelines, models, and dashboards that give security teams and leadership a single, trusted view of cyber risk across 200k+ IT, cloud, OT/ICS, and IoT assets. What that looks like in practice: - Consolidate vulnerability and exposure findings from multiple security platforms — spanning cloud, on-prem, and OT environments — into a medallion-architecture lakehouse (bronze → silver → gold) using Python ETL, producing a unified, query-ready dataset for risk prioritization and reporting. - Turn raw scan data into defensible priorities with a CVSS + EPSS model that factors asset criticality and business impact. - Ship Power BI dashboards and KPIs - coverage, vulnerability aging, SLA compliance, risk reduction - that leadership actually uses. - Automate the manual work: a self-service Vulnerability Explorer tool I built cut analysis effort ~50% for 50 engineering and IT stakeholders I've grown through the full security stack at BD - from OT SOC monitoring, to Threat & Vulnerability Management, to ASM and security data engineering - so I understand both the analyst's daily reality and the data architecture that scales it. Every step, I've automated more manual work and put better numbers in front of decision-makers. I care about the measurable part of security: what's exposed, how fast we fix it, and whether the trend is improving — and I build the infrastructure that makes those answers automatic.