A developer’s guide to making security reviews suck less
In many companies, security reviews suck. You’ve spent weeks or months grinding on a new feature and you’re finally ready to push to production, only to have a security review at the eleventh hour spark chaos. A security engineer raises a concern that might be valid or might be a total misunderstanding, but either way, it leads to urgent meetings, escalations, and complicated Go/No-Go decisions.
In this talk, we will dive into how to navigate these reviews without the drama. As an AppSec Director, I will help you understand exactly what security teams are looking for and why. I’ll show you how to anticipate their concerns and requirements so you aren’t surprised by scope creep right before code complete. We will explore how to effectively engage your security team, what specific information they need from you, and how to speak their language so you can accurately address concerns and get to the heart of their requirements.
By the end of this session, you will have a straightforward strategy to streamline your next security review and build a more collaborative relationship with your security partners. You will walk away with the tools to reduce the friction that leads to pre-launch panic, helping your team ship with significantly fewer headaches.