Dmitriy Dunavetsky

Dmitriy Dunavetsky

Security, Product & Technology Leader

Driving product, cloud, and application security across global SaaS and XaaS platforms. Building high-performing teams and embedding security into modern DevOps practices.

Get in Touch View Experience

Professional Summary

Security and technology leader with extensive experience driving product, cloud, and application security across global SaaS and XaaS platforms. Proven success in building and scaling high-performing teams, embedding security into SDLC and DevOps, and enabling developers and partners to adopt modern cloud and AI security practices.

Skilled at collaborating across product, engineering, and go-to-market teams to expand into enterprise and public sector markets. Strong technical background spanning cloud platforms (AWS, Azure), DevSecOps, AI/ML security, and compliance frameworks.

Professional Experience

2021 - Present

VP, Product Security & Cybersecurity

Dayforce | Remote
  • Hired and developed a global product security team spanning NA, APJ, and EMEA
  • Directed strategy across 300+ SaaS services, embedding security into code-to-cloud delivery, enabling market expansion into enterprise and public sector
  • Built global developer engagement program, increasing security tools adoption and reducing new defects by over 25% annually
  • Implemented AI-based threat modeling, code reviews, and secret detection using LLMs and RAG, streamlining risk reviews for developers
  • Led adoption of edge computing for improving service visibility and customer trust while reducing dependency on legacy technologies
  • Directed CNAPP transformation, working with Microsoft, CrowdStrike, and Wiz to secure multi-cloud workloads
  • Partnered with product, sales, and marketing to position security as a differentiator in enterprise deals
  • Delivered internal/external enablement, conference talks, and GTM collateral to position security as a differentiator
2020 - 2021

Engineering Director, Security

Synopsys | Mountain View, CA
  • Defined cloud and application security strategy for EDA tools
  • Integrated security controls into CI/CD pipelines
  • Championed cloud center of excellence for security engineering
  • Produced whitepapers and sales enablement materials
2019 - 2020

Director, Cloud Security Engineering

Automation Anywhere | San Jose, CA
  • Built cloud security team and compliance roadmap for SaaS adoption
  • Operationalized container security in CI/CD
  • Delivered cloud monitoring and compliance metrics
  • Enabled SOC 2, ISO 27001, and HITRUST certifications
2018 - 2019

Sr. Security Consultant, ProServe

Amazon Web Services | San Francisco, CA
  • Worked with ISVs and enterprises to securely adopt AWS
  • Designed cloud security architectures and ran PoCs
  • Provided feedback to AWS product teams and contributed to open source
  • Delivered GTM content and customer workshops
2015 - 2018

BISO, Head of Information Security

Consensus Corp (Target)
  • Built strategy and roadmap for cloud infrastructure, architecture, security, and site reliability teams
  • Reduced application vulnerabilities by 50% YoY through complete testing framework in CI/CD pipeline
  • Developed highest performing engineering team with highest average annual review rating
  • Implemented key security capabilities: IDS, IPS, FIM, WAF, SIEM, DAST & SAST
  • Reduced Black Friday compute requirements by 70% through optimization
  • Led compliance audits for SOX, PCI, and SOC 2
2006 - 2015

Director / Manager / Engineer, Information Security

Safeway Inc. | Pleasanton, CA
Director, Information Security (2013-2015)
  • Directed enterprise security and compliance across PCI, SOX, and HIPAA
  • Selected and implemented CASB for O365, Box, and Salesforce platforms
  • Developed 3-year Information Security strategy and obtained $150M cyber insurance coverage
Manager, Information Security (2009-2013)
  • Developed corporate security policies and standards based on ISO27002 and NIST
  • Implemented risk management methodology for projects, vendors, and applications
  • Aligned security project risk management to delivery process
Lead Security Engineer (2006-2009)
  • Engineered and executed security risk assessments for core business applications and infrastructure systems, integrating results into remediation workflows
  • Administered and tuned enterprise security platforms including NetIQ, nCircle Vulnerability Scanner, and WebInspect, optimizing scan coverage, reducing false positives, and automating reporting pipelines
  • Designed and implemented processes to operationalize vulnerability management, from scan configuration through triage, validation, and remediation tracking
2004 - 2006

Security Consultant, Sr. Associate

PricewaterhouseCoopers | San Francisco, CA
  • Managed risk assessment and compliance projects for Fortune 100 companies
  • Developed robust, sustainable risk management and compliance programs tailored to client needs
  • Conducted attack and penetration testing
  • Led engagement team management
2001 - 2004

Information Security Engineer

Clorox Services Company | Oakland, CA
  • Core security team member - architected, designed, and implemented various security solutions
  • Provided third-level support for firewalls, remote access, VPN, single sign-on, and web authentication

Areas of Expertise

Security Strategy

  • Product & Cloud Security
  • Enterprise Security Strategy
  • Application Security
  • Developer Training & Enablement
  • Security Evangelism

Cloud Platforms

  • AWS Architecture
  • Azure Security
  • CNAPP / CWPP / KSPM
  • Multi-cloud Strategy
  • Security Logging & Telemetry

DevSecOps

  • CI/CD Security
  • Container Security
  • Infrastructure as Code
  • SDLC Integration

AI & ML Security

  • LLM Security
  • LLM-based Secure SDLC
  • AI Threat Modeling
  • RAG Implementation
  • Secure AI/ML Practices

Compliance

  • SOC 1/2/3
  • ISO 27001 / NIST
  • PCI DSS / GDPR
  • FedRAMP / HITRUST
  • SOX / HIPAA

Technologies

  • Python / Bash
  • Terraform / CloudFormation
  • Docker & Container Security
  • Kubernetes
  • Security Automation

Education & Certifications

Certifications

  • AWS Certified Solutions Architect – Associate (2018)
  • AWS Certified Security – Specialty (2019)

Education

Bachelor of Science, Computer Science
Moscow International Technology University

Latest Insights

View All Posts

Open Source Projects

Automated IAM Access Analyzer

AWS sample solution for automated analysis and remediation of IAM permissions. Implements least-privilege access patterns and continuous compliance monitoring for AWS environments.

Python AWS IAM CloudFormation Lambda
AWS Official Sample

CodeSec

Advanced code security analysis tool for detecting vulnerabilities, secrets, and compliance issues in source code. Integrates multiple security scanners with AI-powered remediation suggestions.

Python SAST AI/ML DevSecOps
Security Automation

Let's Connect

Click to reveal phone
Click to reveal email
LinkedIn
GitHub