Aug 2022 – May 2023 · 9 mos · Hybrid

• Worked on Private Cloud Compute
• https://security.apple.com/blog/private-cloud-compute/

Jul 2019 – Aug 2022 · 3 yrs 1 mo · Hybrid

• Apple Information Security. Majority of work covered by NDA, but here are some highlights:
• Developed advanced, custom, SAST tooling (with very low false-positive rates), used widely throughout Apple
• Security architecture and design review
• Security DRI (Directly Responsible Individual) for major HIPAA related service
• Deep-dive penetration testing
• Code review
• much more

Jan 2018 – Jul 2019 · 1 yr 6 mos · Bellevue, Washington · Remote

• Heroku Platform Security Team / SFDC Infrastructure Security team
• Penetration testing, threat modeling, cloud security, design review, tool development

Jul 2016 – Jan 2018 · 1 yr 6 mos · Seattle, WA · Remote

• Senior Security Engineer focused on payment processing security at Gravity Payments and their subsidiary, ChargeIt Pro.
• Penetration testing, threat modeling, code review.

Dec 2014 – Jul 2016 · 1 yr 7 mos · Seattle, WA · Hybrid

• Penetration testing focused security engineer on the AWS Security Team. In addition to penetration testing, I provided deep dive training and presentations on technical security topics to teammates in AWS Security as well as multiple software development teams at AWS.
• I presented to security engineers and developers at Amazon’s internal conference ZonCon 2016 and WebDevCon 2016 on the topic of web security.

Dec 2013 – Dec 2014 · 1 yr · Seattle, WA · Hybrid

• As a security engineer in the retail Corporate Infrastructure Information Security Team, I spent a year working on an S-Team goal of designing, developing and implementing a custom wired 802.1X authentication solution for all client systems at Amazon. This meant I was working on a service team at Amazon and our supported clients included Windows, Ubuntu Linux, Red Hat Linux, and macOS.
• We built this solution at Amazon's scale, and I became very comfortable with Amazon's internal builder tools and services, and learned how to truly build and deploy services securely at scale.

Aug 2008 – Dec 2013 · 5 yrs 4 mos

• Senior Security Engineer in a very large environment with 400k+ managed endpoints.
• Penetration testing
• Malware analysis
• Reverse Engineering
• Tool development in Python, Perl, C#, Object-Pascal
• Vulnerability management / scanning
• Developed custom security applications that are widely deployed throughout the Wells Fargo enterprise (400,000 Windows endpoints)

Apr 2005 – Aug 2008 · 3 yrs 4 mos

• System administration for a large enterprise with 400k+ endpoints
• Built zero-touch workstation imaging platform
• Wrote automation scripts and several full applications to secure systems (Perl, VBScript, C#, Delphi)
• Expert with Microsoft Installer (MSI) technology and re-wrote many installers by hand, or wrote my own DLL custom actions to enhance functionality and work in a non-admin rights environment
• Wrote a Windows wireless (802.11) network security endpoint tool deployed to the entire Wells Fargo enterprise. Closed a critical security gap and I maintained and updated it for 7 years until Windows 8 included this functionality.

Jan 2004 – Apr 2005 · 1 yr 3 mos · Greater Minneapolis-St. Paul Area · On-site

• Windows server administration and desktop management.

Jun 2003 – Aug 2003 · 2 mos · Greater Minneapolis-St. Paul Area

• From June 2003 - August 2003, I was an IT intern on the Microsoft Windows Technical Services team.
• During these 3 months I developed server management scripts in Perl, wrote automation for our NT4 -> Server 2003 migration, assisted with Active Directory management, racked and configured 25 of the first Server 2003 DC's and member servers, and even helped run new cabling in a data center.