MAHMUDA NAZNIN
San Mateo,CA
Summary
Platform engineering leader with 15 years of building, testing, and securing large-scale, regulated platforms across cloud, complex Digital ecosystems, Digital Health and Trust & Safety domains. Experience in automating security, compliance, and risk detection capabilities across CI/CD, infrastructure, and runtime environments. Background spans Python automation, cloud platforms, data-driven risk modeling, and secure system design at scale. Led quality management, engineering, performance and security teams of up to 50 people with $50M+ across SaaS, cybersecurity, cloud-native platforms, networking, and healthcare.
Overview
15
15
years of professional experience
Work History
Test Manager
ASRC Federal (Dept of State)
Arlington, VA
05.2023 - Current
- Led software QA efforts at large-scale federal IT modernization programs for the Bureau of Consular Affairs; defined security best practices and secure coding guidelines to automate GRC and audit-readiness.
- Architected and deployed a real-time risk and control observability dashboard for mission-critical projects, providing leadership with instant visibility into control coverage, policy drift, and remediation status.
- Implemented Compliance-as-Code patterns using Infrastructure-as-Code, enabling automated control validation aligned with NIST and FedRAMP requirements.
- Led Independent Verification & Validation (IV&V) across distributed engineering teams, identifying systemic security gaps and improving SDLC reliability.
- Partnered with platform and DevOps teams to enforce secure defaults, baseline hardening, and automated evidence generation at scale.
Remote Consultant - Test Program Manager, Trust and Safety
Indeed
06.2022 - 04.2023
- Led Trust & Safety testing initiatives, mitigating abuse patterns and platform vulnerabilities through automated detection of non-compliant job posting behavior.
- Synthesized large-scale testing and risk signals into executive-ready insights, driving remediation across engineering, legal, and product teams.
Senior Manager, Quality Assurance & Compliance
Amwell
Boston, MA
02.2016 - 04.2022
- Led the quality and security benchmarks for a pioneer telehealth platform, scaling cloud-based solutions (AWS/GCP) while maintaining strict HIPAA, WCAG and SOC 2 compliance.
- Implemented automation efforts for API/UI testing and integrated security compliance checks into automated test suites, scaling test coverage to 40%, improving site reliability and reducing policy violations by 30%.
- Designed vulnerability management and performance standards, ensuring resilience.
- Built and mentored a distributed engineering team focused on automated evidence generation and metrics-driven risk analysis.
Consultant - Systems Engineering (Cigna, Ascension Health, Lakeland Hospital)
12.2012 - 10.2015
- Managed QA and GRC workflows for large-scale EMR migrations, ensured regulatory compliance, and led testing efforts by automating control verification and data integrity checks across systems.
Software Development Engineer in Test (SDET)
Siemens Healthineers
Malvern, PA
08.2011 - 12.2012
- Developed risk mitigation strategies to certify EHR compliance with HIPAA and HL7 standards, engineering automated scripts to validate technical security controls and medical software performance.
Education
Master of Science - Cybersecurity
New York University
Data Science & Machine Learning Bootcamp
New York University
Master of Policy Management - Digital Innovation, Transformation & Compliance
Georgetown University
Master of Science - Information Systems
Widener University
Skills
- Risk management
- Compliance and cybersecurity
- Test automation frameworks
- GDPR, CCPA regulations
- Quality Assurance
- Trust and safety protocols
- Compliance and Security standards
- AWS, GCP, Azure platforms
- Python, C, Java programming
- GitHub/GitLab version control
- Splunk, Datadog, Wireshark network monitoring
- Nmap Scanning, Metasploit exploitation framework
- Performance testing
- Agile project management
Timeline
Test Manager
ASRC Federal (Dept of State)
05.2023 - Current
Remote Consultant - Test Program Manager, Trust and Safety
Indeed
06.2022 - 04.2023
Senior Manager, Quality Assurance & Compliance
Amwell
02.2016 - 04.2022
Consultant - Systems Engineering (Cigna, Ascension Health, Lakeland Hospital)
12.2012 - 10.2015
Software Development Engineer in Test (SDET)
Siemens Healthineers
08.2011 - 12.2012
Data Science & Machine Learning Bootcamp
New York University
Master of Science - Information Systems
Widener University
Master of Science - Cybersecurity
New York University
Master of Policy Management - Digital Innovation, Transformation & Compliance
Georgetown University