BPS Flashcards
Spearheaded secure coding initiatives, leading to the Canadian adoption of Aqua for automated code reviews,
establishing standard operating procedures for credential management, and documenting standards for secure
coding practices to mitigate vulnerabilities like SQL injection and hardcoded secrets
I noticed that secure coding practices were not being actively enforced in our development process.
I was not able to find policies or SOPs on Confluence to guide our team on credential management and secure coding, leading to meetings with Corey and Darryl where our codebase became integrated with Aqua.
Besides that, I have also emphasized security in our team, creating documentation on how to use environment variables to store credentials and avoiding exposing anything in our code,
and also ensuring we follow secure coding practices, like using parameterized queries to prevent SQL injection.
Current role
In my role, I develop and maintain ETL processes to deliver data from SAP, marketing promotions, and inventory systems into our SQL-based data warehouse.
Beyond the technical aspects, I’ve been particularly focused on data security and compliance throughout the ETL pipeline. I’ve actively monitored how we handle sensitive customer data, ensuring that it is properly sanitized before being stored. This includes implementing controls to prevent exposure of personally identifiable information (PII).
Additionally, I have been proactive in **monitoring third-party API providers** like Zeta, especially after their recent legal issues involving securities fraud and mismanagement of sensitive data. I flagged potential risks associated with their services and worked with internal teams to evaluate our reliance on their platform.