Welcome! Great to have you on board.
For context, Wadeck recently joined CloudBees to work specifically on improving Jenkins security. If anyone has some suggestions what would be fairly low hanging fruit, please send them my way (or just label Jira issues as [newbie-friendly] + [security]).