Generated by GPT-5-mini

| Shannon Lietz | |
|---|---|
| Name | Shannon Lietz |
| Occupation | Cybersecurity engineer, DevSecOps leader |
| Employer | Intuit |
| Known for | DevSecOps, application security, security culture |

Shannon Lietz is a cybersecurity engineer and leader known for pioneering practices in application security and DevSecOps within technology organizations. She has led security transformations at prominent companies, advocated for security integrated into software development lifecycles, and contributed to community knowledge through presentations, open source projects, and mentorship. Lietz’s work intersects with software engineering, cloud platforms, and security operations across the technology industry.
Lietz grew up in a period of rapid expansion in personal computing and networking that coincided with the rise of companies such as Microsoft, Apple Inc., Sun Microsystems, Oracle Corporation, and IBM. Her formative years included exposure to programming and networking trends shaped by developments at DARPA, MIT, Carnegie Mellon University, Stanford University, and University of California, Berkeley. She pursued technical training and certifications often associated with practitioners from institutions like SANS Institute, EC-Council, ISC², CompTIA, and vendor programs from Amazon Web Services, Google Cloud Platform, and Microsoft Azure.
Lietz’s professional trajectory includes roles in application security, penetration testing, and security leadership with responsibilities spanning software development, cloud adoption, and operational risk. She has worked inside organizations that collaborate with entities such as GitHub, Atlassian, HashiCorp, Docker, and Red Hat to integrate security tooling and automation. Her career milestones include directing security programs that interface with continuous integration and continuous delivery platforms like Jenkins, Travis CI, CircleCI, GitLab CI/CD, and Azure DevOps.
In her leadership roles, Lietz has engaged with standards bodies and community initiatives connected to OWASP, CIS (Center for Internet Security), NIST (National Institute of Standards and Technology), ISO working groups, and industry consortia such as Cloud Security Alliance and Linux Foundation projects. She has collaborated with product and engineering teams using frameworks and technologies from Kubernetes, Istio, Prometheus, Grafana, Terraform, Ansible, and Puppet to operationalize security requirements.
Lietz is widely recognized for advancing DevSecOps practices that emphasize "shift-left" security and developer-centric tooling. She has promoted integrations of static application security testing from vendors and projects like SonarQube, Checkmarx, Fortify, Bandit, and Semgrep into development workflows, and advocated for dynamic testing approaches involving OWASP ZAP, Burp Suite, and Selenium-based test harnesses.
Her work emphasizes risk-based vulnerability management aligning with frameworks such as MITRE ATT&CK, CWE, CVSS, and coordination with disclosure practices guided by organizations like CERT Coordination Center and FIRST. Lietz has advanced secure coding education, threat modeling, and policy automation informed by sources including STRIDE, CAPEC, NIST SP 800-53, and NIST Cybersecurity Framework.
She has contributed to open source tooling and community dialogues that intersect with projects and platforms such as OpenTelemetry, Jaeger, Prometheus, Snyk, Dependabot, and OWASP Dependency-Check. Lietz’s approach encourages collaboration among development teams, product managers, and security specialists, drawing on cultural and process influences from companies such as Netflix, Google, Facebook, Etsy, and Amazon.
As a speaker and author, Lietz has presented at conferences and events organized by RSA Conference, Black Hat, DEF CON, BSides, KubeCon, Velocity Conference, DevOpsDays, OWASP AppSec, and Gartner symposiums. Her talks often address operationalizing security in cloud-native environments, risk-based testing, and metrics-driven security programs.
Lietz’s leadership and impact have been acknowledged through invitations to advisory boards, keynote sessions, and industry panels associated with institutions like NIST, CSA Research, SANS Institute, and OWASP Foundation. She has been cited in industry publications and recognized in lists and awards that highlight influential practitioners in cybersecurity, cloud security, and DevSecOps alongside peers from Google Cloud, Microsoft Security, Amazon Web Services Security, Cisco, and Palo Alto Networks.
Beyond technical leadership, Lietz is active in mentoring, diversity, and community-building efforts within technology and security circles. She supports initiatives and organizations such as Women Who Code, Girl Develop It, Black Girls CODE, Grace Hopper Celebration, and TechWomen that promote inclusion and career development. Lietz advocates for mental health and sustainable workloads in engineering organizations and participates in programs that connect experienced practitioners with startups, universities, and nonprofit initiatives.