Vladyslav Polishchuk
Lead Security Automation Engineer
I build the production Python pipelines and agentic AI workflows that streamline exposure management across 120K assets and 40+ remediation teams.
Selected Work
Nucleus to ServiceNow CMDB, with identity sync
Two integration layers connecting the exposure-management platform to ServiceNow CMDB. Replaced one-team-at-a-time onboarding with a rollout that brought on 40+ teams en masse, and kept AD, Entra SSO, and Nucleus team mappings aligned without manual cleanup.
Read case study →
AI-assisted deviation management
A custom agentic workflow in Python on Azure Functions, orchestrated through an in-house n8n-style runtime built on Langdock. A chatbot endpoint handles intake, Functions enrich requests with asset and ownership data from CMDB, and requests route through a manager, security, and legal approval chain. Approved deviations log to ServiceNow with a defined expiration and a re-evaluation scheduled 30 days before expiry. Cut typical handling from 3-6 clarifying emails to near-zero analyst touch outside escalations.
Read case study →
Agentic threat intelligence briefing workflow
An AI workflow in Python on Azure Functions, built on Langdock, that pulls cybersecurity news and advisory feeds, normalizes them onto a common schema, and classifies each item against business-criticality data pulled from Nucleus. Composes daily and weekly briefings whose structure and depth adapt to the reader, from exec summaries to manager rollups to technical and non-technical breakdowns for the relevant teams.
Read case study →
Exposure analytics and telemetry pipeline
A timer-triggered Python Azure Function pulls findings from the Nucleus API into Azure Data Explorer, where Kusto update policies promote raw records into curated tables keyed on severity, asset, owner, and lifecycle. A PowerBI layer gives each remediation team a self-service view of its findings and rolls up to an exec and board-level dashboard. Reached 75% weekly active across 40+ remediation teams and drove the 30% MTTR reduction on High/Critical findings.
Read case study →
Approach
The exposure-management platform I run routes ~4,000 remediation actions a month, along with summarized analysis of the highest-impact fixes, to the right owners — and produces numbers you can defend in a board meeting.
I have been central to building the company's first centralized security automation function, standardizing how in-house automation and security software gets developed. It is a cross-functional group of engineers and senior matrixed partners; the practice started inside Security and has expanded to technical units across IT, infrastructure, and app dev. Day to day, I lead VM engineering: technical direction, code review, mentorship, and a predictable monthly delivery cadence.
Build the platform, not the one-off.
A script closes today's ticket. A system other teams can build on closes the next hundred. I lean toward the system, even when the quick fix would be faster to ship.
Most MTTR problems are routing problems.
A finding sent to the wrong team does not get fixed, it gets forwarded. Clean CMDB data, working identity sync, and handoffs that do not lose state are what actually move the number. The dashboard just tells you whether you did that work.
Integrations fail at month six, not day one.
Almost anything looks fine in a demo. Drift, partial writes, and broken recovery show up later. I build for how a system behaves after it has been running a while, because that is when it matters.
Use AI for the busywork, not the decision.
LLMs are good at enrichment, triage prep, and cutting down the back-and-forth on routine intake. They are not the right tool for a risk decision. I build workflows that keep that line clear.
Tooling no one uses is not done.
Security tools get judged on whether people open them, not whether they shipped. I track adoption the same way I track coverage. Both have to be real.
Stack
| Exposure | Nucleus · Tenable · Qualys · Wiz · CrowdStrike · BitSight · AppScan · Seemplicity · Axonius |
|---|---|
| Ticketing | ServiceNow Vulnerability Response · Jira · CMDB |
| Automation | Python · PowerShell · Bash · JavaScript · PySpark · Azure Functions · AWS Lambda · Cortex XSOAR |
| AI | Langdock · Claude / MCP tool-use · LLM governance · production AI workflows |
| Cloud & Identity | Azure · AWS · GCP · Kubernetes · ECR · Entra ID · Active Directory |
| Delivery | GitHub Enterprise · CI/CD · Veracode · Snyk · PowerBI · REST APIs |
Career
| 2025 - present | Lead Security Automation Engineer | Zoetis · Exposure management and security automation |
|---|---|---|
| 2024 - 25 | Senior Vulnerability Management Engineer | Paramount Global · NIST-aligned governance, cloud and endpoint VM |
| 2022 - 24 | Vulnerability Management Engineer | Standard Industries · 30K cloud (Azure, GCP) and VMware assets, CSPM checks in CI/CD |
Education
| 2020 - 22 | MSc, Cyber Security | Fordham University, New York |
|---|---|---|
| 2016 - 20 | BSc, Computer Science | Fordham University, New York |
Contact
I am open to senior roles across security engineering, automation, AI, and cloud security — including vulnerability management leadership.
Remote, US-based.