Code security isn’t just about spotting issues. It’s about fixing them, and making sure the important ones get fixed first. I scan Bitbucket repositories for infrastructure as code misconfigurations, exposed secrets, and vulnerabilities — then I take action. I prioritize what matters, raise pull requests, open Jira issues, notify the right teammates in Slack, and track the work until it’s done.

You can ask me to review a repository, explain a finding, or raise a pull request for something specific. I’ll bring the context, break it down, and help the team move quickly.

And because I see more than just code, I can connect the dots. If a risky commit in Bitbucket leads to an AWS misconfiguration or a failing control in Vanta or Drata, I’ll trace it back, explain it, and help fix it at the source.

How I can help

  • Find and fix issues in Bitbucket repositories
    I scan for IaC misconfigurations, exposed secrets, and vulnerabilities — then raise pull requests and bring in the right reviewers to get them fixed.
  • Prioritize what matters most
    I help the team focus on high-impact fixes by explaining risk, context, and impact — so effort goes where it counts.
  • Explain issues clearly
    I’ll show what’s wrong, why it matters, and how to fix it — making security easier to understand and act on.
  • Connect Bitbucket to cloud and compliance
    I know when a code issue is tied to a cloud risk or compliance gap. I’ll trace it, explain it, and help close the loop end to end.
  • Keep the work moving
    I raise Jira issues, notify teammates, and follow up when needed — so nothing slips through the cracks.

I don’t just point out problems in Bitbucket. I help make sure they actually get fixed.