Nov 2022 – Jul 2025 · 2 yrs 8 mos · Bay Area

Mar 2022 – Jul 2025 · 3 yrs 4 mos · San Francisco Bay Area

Feb 2021 – Mar 2022 · 1 yr 1 mo · San Francisco Bay Area

Jan 2021 – Present · 5 yrs 3 mos

• Authzed, Bowtie, Cider Security (Acquired), Compliance Cow, Conductor One, Crash Override, Decipher AI, Desired Effect, DevArmor, DevZero, Depot.dev, Dig Security (Acquired), Endor Labs, Impart Security, Knostic, Leen, Monad, Noma Security, Night Vision, Ollama, Passage.id (Acquired), PatcherAI, Permiso Security, Prophet Security, Revel, Risk Profiler, Seclytics, seedata.io, Semgrep, SigNoz, SINAI Technologies, Sola Security, Snapser, SPIRL, Sweet Security, Temporal, Terra Security, Tines, Tonic Security, Truffle Security, Zip Security, Zylon

Dec 2018 – Present · 7 yrs 4 mos

• Current: Accuknox, Impart Security, Permiso Security, Step Security
• Previous: Appaegis, Avatao, Cider Security, Cockroach Labs, Ermetic, Temporal

Dec 2019 – Feb 2021 · 1 yr 2 mos

• I led a team of experienced security software engineers that build automation to keep Netflix applications secure in a rapidly changing DevOps environment. Our team's mandate was to automatically provide optimal security context to developers and secure defaults when possible.

Mar 2017 – Dec 2019 · 2 yrs 9 mos

• On the Cloud Infrastructure Security team I was responsible for securing one of the largest AWS environments in the world. I contributed to security strategy and project execution. In this role I was the the lead developer and architect for the Repokid OSS project that applies least privilege across our AWS deployment.
• I also designed and launched a program to improve threat detection and response capabilities for our cloud environment, and regularly worked with leadership on strategic planning initiatives.
• My role included representing our security organization at conferences and presentations delivered to security practitioners and developers (Black Hat USA, AWS re:Invent, Enigma) and students (UC Berkeley, Carnegie Mellon).

Mar 2016 – Mar 2017 · 1 yr · San Francisco Bay Area

• In this role I reported to IBM’s Cloud CSO and advised teams in a 10K+ engineer organization on risk and improving security posture across the IBM Cloud Business Unit. My work included serving as lead for a new cloud architecture in development and leading architecture reviews.
• During this time I also co-founded the Cloud Foundry Security team with security engineers from other organizations to identify and triage security issues in Cloud Foundry, and I was co-designer for a scalable security architecture review program and a self-service code analysis platform.

Aug 2014 – Mar 2016 · 1 yr 7 mos · San Francisco Bay Area

• At HPE I worked on Public and Private Cloud platforms, participating in threat models and security reviews to identify product defects. In this role I was also lead developer and architect for two open source projects, Bandit (Python security linter) and ReconBF (measures/reports security control implementation on Linux systems at scale).
• I also created security education curriculum for Python development teams.

Mar 2014 – Aug 2014 · 5 mos

• I led the gate testing and static analysis effort for Symantec Cloud and OpenStack Security Group, designed and automated security test cases, and coordinated penetration testing.

Sep 2011 – Mar 2014 · 2 yrs 6 mos

• I was hired as a security-focused QA and automation engineer working on Symantec's DLP product, responsible for pentesting, threat modeling, and automating security test cases.