Starting out in AppSec & Dealing with DevSecOps Fatigue with Chitra Elango | AppSecEngineer Podcast

Welcome back to the AppSecEngineer Podcast! This week we spoke to Chitra Elango from Fannie Mae.

Hailing from South India, Chitra came from a conservative background where a career in STEM was her only real option. After working as a developer for 18 years, she got an opportunity to work in information security. And she’s stuck with it ever since.

In our conversation, we spoke about differences in work culture between the East Coast and West Coast of the US, the work she does at a massive organization like #FannieMae, and how a newbie to application security can get into the AppSec industry.

We even spoke about ‘DevSecOps fatigue’, how developers fit into a product team’s security strategy, and the soft skills both team members and leaders needs to employ when working with people in various disciplines on a project.

#ChitraElango has worked as a #cybersecurityanalyst since 2015. Currently, she serves as the Senior Director of DevSecOps, Vulnerability Management, and Red team at Fannie Mae.

0:00 Intro 01:41 Career Path and being head of Appsec at Fannie Mae 03:41 Career success mantra in application security 04:26 First vulnerability assessment experience 08:04 Application security trends and opportunities in big firms 10:55 Driving forces of AppSec culture in big organizations 17:53 How to start Application security career and cross skilling 21:40 How to prepare for security professional interview 25:25 Balance between compliance and security automation 28:20 Compliance as a push factor for security automation 30:37 QA and security 35:50 Effective Marketing and sales for security products and services 41:55 Next big thing and way of future for DevSecOps and AppSec

Learn more about Application Security and Devsecops at https://appsecengineer.com/ Explore the course plans and free trial at https://appsecengineer.com/pricing/ ... https://www.youtube.com/watch?v=ZxywK9feUag