Aug 2025 – Present · 7 mos · Austin, Texas Metropolitan Area · On-site

• Drives Application Security across Amazon's diverse business portfolio, supporting 15 CISOs and Heads of Security in areas like healthcare, satellite launches, physical stores, and media and entertainment. The role provides crucial security review capacity (threat modeling, architecture review, security testing, validation, and launch readiness) and tailors centralized security offerings to meet the unique needs of each business unit.
• Heads an organization chartered with reducing Amazon's security risk by innovating through automated security reviews. Our focus is scaling application security to meet unprecedented demand and backlog, ensuring security experts concentrate on bespoke, high-risk security issues and provide minimally disruptive security review services that delight builders.
• Leads specialized Application Security teams, such as Mobile Security, that embed secure defaults into developer workflows, minimizing security time-to-fix and reducing the overall cost of security.
• Oversee Amazon's Application Security Developer Engagement program, which provides essential security knowledge, guidance, and resources to builders and partners. This includes the Security Certifiers program, our solution for scaling the human tasks needed today in application reviews, and Security Training and Education, which provides frontline builder support services,

May 2020 – Jul 2025 · 5 yrs 2 mos · Austin, Texas Metropolitan Area · On-site

• Led eight security teams, Amazon MGM Studios, Digital Acceleration, Games Studios, Luna, Music, Prime Gaming, Prime Video, and Wondery. We obsess over the security of our customers experience and end-to-end security of our content suppliers. This includes making sure the data our customers provide to us is protected, and that the data we provide to our customers is also protected. We analyze, asses, solution and recommend security solutions to give our customers the best experience possible, without putting them or us at risk.
• We protect customers and their data by performing security reviews of applications, providing guidance on secure architecture designs, and helping development teams make informed risk decisions. We enable business innovation by partnering directly with engineers to implement security best practices and scale our impact through security campaigns and automated tooling requirements. Through proactive application security measures and incident response, we ensure all client and cloud applications maintain a strong security posture while delivering exceptional customer experiences.