I have five years of experience in building applications and environments with security built in. Day-to-day duties have included mitigation against injection, broken authentication, sensitive data exposure, XML external entities (XXE), broken access control, security misconfiguration, cross-site scripting (XSS), insecure deserialization, using components with known vulnerabilities, insufficient logging, and monitoring. I am very knowledgeable regards GDPR legislation and oWasp standards.