Software Engineer focused on building and hardening secure software.
I'm a full-stack engineer with ~5 years of experience. I build software, intentionally break it to understand where assumptions fail, and rebuild it with security, clarity, and correctness in mind.
My work blends software engineering fundamentals with hands-on security exploration and a curiosity for how real systems behave, especially under unexpected or adversarial conditions.
About
I’m a software engineer with a strong interest in understanding how software breaks (e.g., insecure defaults, flawed assumptions, and subtle implementation mistakes) and how to fix them through better design and code.
I see security as part of everyday engineering: writing clearer code, designing safer interfaces, and understanding how real users and attackers interact with software. I build systems, analyze them for weaknesses, and improve them with safer patterns and clearer trade-offs.
Most of my projects are learning-driven. I use them to explore failure modes and document trade-offs, translating security concepts into practical engineering decisions.
What I Do
Building Software
- Design and implement application features end-to-end
- Work with APIs, data models, and application logic
- Write maintainable, well-documented code
- Debug, refactor, and improve existing systems
Breaking Software
- Explore common vulnerability classes and failure modes
- Reproduce and analyze insecure patterns
- Study how real systems are abused
- Document findings clearly and practically
Rebuilding It Securely
- Refactor toward safer defaults
- Improve authentication, authorization, and data handling
- Add validation, guardrails, and observability
- Capture lessons learned so systems scale safely
Featured Work
Sentri
A security-focused application built to practice secure software design and engineering.
- Security-first architecture decisions
- Authentication & authorization considerations
- Logging and auditability
Tech: Python/Django, PostgreSQL
AppSec Learning Lab
OWASP Juice Shop
Hands-on exploration of common application security vulnerabilities using OWASP Juice Shop.
- Identifying OWASP Top 10 issues
- Understanding real-world impact
- Documenting mitigations and fixes
Education & Certifications
- BEng in Electrical and Electronics Engineering
- CompTIA Security+
- Master of Cybersecurity & Threat Intelligence, MCTI (Starting 2026)
Contact
Email: sandra_philips@outlook.com
GitHub: github.com/Sandravaphilips
LinkedIn: linkedin.com/in/sandravaphilips