Oct 2021 – Sep 2023 · 1 yr 11 mos · Greater Seattle Area · Hybrid

• Built and led Robinhood’s Detection & Response (D&R), Security Services, Product Security, Platform Security, and Network Engineering organizations.
• Some memorable accomplishments include:
• Led incident response during the company's November 2021 data breach and Log4J remediation
• Delivered DevSecOps transformation in partnership with Engineering that included embedded security teams, CI/CD scanning, patching automation, and streamlined Secure by Design (SbD).
• Reduced attack surface through Internet egress controls and waste elimination, which significantly reduced the company's data transfer costs.
• Led risk reduction initiatives in vulnerability management, contingent access, and least privilege.
• Launched Passkey (WebAuthn) secure authentication on the first day of iOS support.
• Delivered CCSS compliant cold cryptocurrency custody systems and operations.

Nov 2014 – Oct 2021 · 6 yrs 11 mos · Seattle · On-site

• Built and led a global (Seattle, Vancouver, Cape Town) organization that protects Amazon infrastructure and AWS customers against external threats like DDoS attacks, bot attacks, network abuse, and vulnerability reconnaissance and exploitation.
• Some memorable accomplishments include:
• Launched the AWS Shield Advanced and AWS Managed Rules services
• Established the AWS Shield Response Team (SRT) and AWS Threat Research (TRT) teams
• Delivered customer-facing control plane features and automation to detect and mitigate DDoS and application-layer attacks
• Served as a Bar Raiser where I led 350 interview loops and helped teams across Amazon make great hiring decisions

Aug 2005 – Sep 2014 · 9 yrs 1 mo

• Recipient of the Afghanistan Campaign Medal, disabled veteran.