About
Samuel Loch
Software Developer & Cybersecurity Leader
I am an enthusiastic Software Engineering and Cybersecurity Manager with an extensive professional background developing software
and securing the technology environments of Fortune 500 companies.
I have a bachelor’s degree in Management Information Systems and an MBA concentrating in Cybersecurity Intelligence Leadership.
I am also currently pursuing a master's degree in Computer and Information Technology at the University of Pennsylvania, where I have completed graduate coursework
related to software development in the Java, Python, and C programming languages. I am also specializing in Artificial Intelligence and am
completing courses on AI, Natural Language Processing, and Deep Learning through this program.
My Experience
Master of Computer and Information Technology, The University of Pennsylvania
2024 – Present
-
I am currently pursuing a master's degree in Computer and Information Technology at the University of Pennsylvania.
Coursework that I am completing through this program covers software development in Java, Python, and C, as well as artificial intelligence,
natural language processing, software security and analysis, cloud computing, and database systems.
Cybersecurity Manager, Tech Audit Lead, Comcast
2025 - Present
-
I currently lead teams of technical cybersecurity professionals in assessing the
security of critical applications at Comcast. I set the strategic direction of these audits through determining the
relevant risks and applications and provide technical guidance to my team.
-
Leading teams of technical auditors through the assessment of cybersecurity controls
for Comcast’s most critical applications and business units.
-
Setting strategic direction of key audits through determining the scope of applications and cybersecurity controls to analyze.
-
Authoring departmental standards and testing playbooks ensuring a thorough and standardized approach across engagements.
Senior Technology & Cybersecurity Auditor, Comcast
2023 - 2025
-
I spent time aiding auditing teams at Comcast as a Lead Auditor with my software development and application security expertise.
-
Reviewed and tested software applications and APIs for critical security risks.
-
Consulted internal engineering teams on how to better secure their applications and infrastructure.
-
Served as the lead auditor on key audits of the customer network, the Xfinity.com Website, and the Xfinity mobile application, servicing over 30 million users for each platform.
-
Identified risks and opportunities through SAST, DAST, Threat Models, and Penetration Tests.
Master of Business Administration - Cybersecurity Intelligence Leadership, Penn State University
2021 - 2024
-
In 2024 I received my MBA from Pennsylvania State University, graduating with honors from the Smeal College of Business,
concentrating in Cybersecurity Intelligence Leadership. Throughout my studies, I took courses on application security, information security, data analytics,
and business leadership.
-
Built and deployed a web application using docker kubernetes, then performed penetration tests on the application
utilizing the DAST tool ZAP, documenting my findings.
-
Performed threat modeling, tabletop exercises, and
drafted organizational cybersecurity policies.
-
Took extensive coursework on leading teams and organizations, thoroughly preparing me to lead cross-functional organizations.
Senior Information Security Analyst, TD Bank
2022 - 2023
-
As a Senior Information Security Analyst, I helped internal cybersecurity teams evaluate the risks associated with their processes and implement solutions to mitigate those risks.
-
Led a team of security analysts in conducting risk assessments of key cybersecurity functions including
TD's application security, vulnerability management, cloud security, and security policy development programs.
-
Consulted internal cyber and engineering teams on how to better secure their tech assets and applications
and how to implement processes and controls to reduce cyber risk.
-
Architected a vulnerability reporting dashboard using Tableau and SQL connecting
to and querying from TD’s vulnerability database, vastly improving the monitoring and remediation of vulnerabilities,
and improving the mean time to patch (MTTP) by 25%.
Business Systems Analyst III - Software, TD Bank
2019 - 2022
-
As a Business Systems Analyst I spent time on software development teams as both a software development engineer in test (SDET)
as well as in a Scrum Master capacity, learning the software development lifecycle and Agile methodologies
from the multiple perspectives within a software development pod.
-
Led remote international teams in quality assurance testing of essential production applications,
servicing over 86,000 TD customers per year, distributing approximately $8.2 billion in loans.
-
Developed a frontend tool (JS/HTML/CSS) with backend integration to Jira REST APIs;
automating Agile project onboarding workflows and reduced manual efforts.
-
Conducted multi-day bootcamp sessions teaching Agile software development practices to other TD development teams.
Projects
*Some of my projects must remain private for academic integrity purposes.
Just reach out if you would like to view the code.
Tweet Analysis Program | Java, Maven
Developed an application to parse tweet data for mentions of the flu and separate tweets
related to the flu by location data to provide insights on estimated flu rates
around the country.
View Project
Property Value Analysis Tool | Java, Maven, JSON
Developed an application that ingests property and population data from opendataphilly.org
and analyzes property values against various other data points to provide a comprehensive view
of propertieswithin different areas of Philadelphia.
View Project
Personal Website | HTML, CSS, JavaScript
Developed and maintained this personal websited written in HTML, CSS, and JavaScript. Deployed the site using AWS S3,
Amplify, and Route53.
View Project
Skills
- Java
- Python
- C Programming
- Application Security
- Secure Software Development Lifecycle
- AWS (RDS, ECS, Lambda)
- Machine Learning
- Data Engineering
- CI/CD Tools (Docker, GitHub)
- Agile Methodologies
- SQL
- People Management
- Rest API
- SAST
- DAST
Certifications
-
Certified Information Systems Security Professional (CISSP) - ISC2
-
Security+ - CompTIA
-
Programming with Python and Java Specialization - The University of Pennsylvania (2024)
