Frederik Braun

DevOps Manager

Berlin, Germany14 yrs 2 mos experience
Most Likely To SwitchHighly Stable

Key Highlights

  • Led security initiatives for Firefox.
  • Co-authored W3C web standards.
  • Managed a diverse remote engineering team.
Stackforce AI infers this person is a Web Security Engineer with extensive experience in security standards and team management.

Contact

LinkedIn

Skills

Core Skills

Engineering ManagementSecurity EngineeringSecurity ResearchThreat ModelingWeb Application Security

Other Skills

Public SpeakingWeb StandardsStatic AnalysisDynamic AnalysisIntercultural CommunicationChange ManagementCross Cultural ManagementJavaScriptMentoringTeachingOpen Source DevelopmentPythonC++Rust (Programming Language)

About

Engineering Manager & Security Engineer, Builder and Breaker. Managing and growing a remote, distributed team delivering security features and new defenses. Supporting the wider org with threat modeling, fuzzing and our bug bounty program. Experienced in code audits, building new solutions. Driving security efforts that scale across departments. Co-author of W3C recommended specification Subresource Integrity.

Experience

14 yrs 2 mos
Total Experience
7 yrs 1 mo
Average Tenure
13 yrs 8 mos
Current Experience

Mozilla

6 roles

Security Engineering Manager

Promoted

Mar 2023Present · 3 yrs 2 mos

  • Delivering security defenses and product features for Firefox, while also supporting the engineering organization with threat modeling, fuzzing, bug bounty programs, and improving to industry standards (e.g., W3C). Grown a remote team of five to ten with engineers ranging from intern to principal engineer across various continents and time zones.
  • Selected outcomes: HTTPS-First mode, Mixed-Content upgrading, incident response at award-winning speed.
Engineering ManagementPublic SpeakingSecurity Engineering

Staff Security Engineer

Promoted

Aug 2018Mar 2023 · 4 yrs 7 mos

  • Devised and co-led strategy to prevent XSS & injection attacks in source code and at runtime using static and dynamic analysis resulting in, for example, the technical paper "Hardening Firefox Against Injection Attacks".
  • Tasks: Software Engineering, Code Analysis, (Co-)authoring industry standards (HTML, Fetch, Mixed Content, Sanitizer API), Threat Modeling, Vulnerability Management, Mentoring.
Security ResearchPublic SpeakingThreat ModelingWeb Standards

Country Ambassador Germany

Jun 2017Dec 2020 · 3 yrs 6 mos

  • As the Country Ambassador for Mozilla Germany, I helped shape the voice of leadership and acted as an advocate for the needs of employees in the region.
Intercultural CommunicationPublic SpeakingChange ManagementCross Cultural Management

Senior Security Engineer

Promoted

Aug 2015Aug 2018 · 3 yrs

  • Authored web-standard ”Subresource Integrity”, streamlined secure software development process for all applications in Firefox OS, introduced newly created static analysis tooling to address XSS and injection issues, implemented safe PBKDF2 password storage and user-adjustable privacy permission overrides for all apps.
JavaScriptPublic SpeakingSecurity Engineering

Security Engineer

Jan 2013Aug 2015 · 2 yrs 7 mos

  • Performed numerous security audits on web applications, led root cause analysis and remediation of vulnerability classes, and contributed to web standards
  • to support web application security in-house (with e.g., Content Security Policy, X-Frame-
  • Options).
Public SpeakingWeb Application Security

Web Application Security Intern

Oct 2011Feb 2012 · 4 mos · Mountain View, California

  • Security Reviews, Development of a security-focused WebQA tool

Ruhr university bochum

Teaching Assistant at the Chair for Network and Data Security

Jun 2009Sep 2011 · 2 yrs 3 mos · Bochum, North Rhine-Westphalia, Germany · On-site

  • Developing, teaching and grading a hands-on course on web application security, called "hackerpraktikum" or "hackpra" for short.

Klickmeister gmbh

Working Student

Nov 2008May 2009 · 6 mos · Essen

  • Miscellaneous software development tasks in web frontend and backend

Education

Ruhr University Bochum

Engineering Diploma (Dipl.-Ing.) — IT-Security

Jan 2006Jan 2012

Stackforce found 100+ more professionals with Engineering Management & Security Engineering

Explore similar profiles based on matching skills and experience

JJ

Jeevan Jutla

CEO | Co-Founder

at Gecko Security

San Francisco, United States4 yrs 2 mos exp
Nikhil Mittal

Nikhil Mittal

Founding Security Engineer

at Clazar

Pune, India9 yrs exp
Cody K.

Cody K.

Senior Consultant | Cybersecurity & Technology

at Meliora

Hong Kong, Hong Kong2 yrs 7 mos exp
Technical RecruitingCybersecurity
Ravi Chanchlani

Ravi Chanchlani

Senior Software Engineer

at Microsoft

Hyderabad, India8 yrs 9 mos exp
Distributed SystemsLow LatencyProduct Security
Deepmala Kale

Deepmala Kale

Trainee

at AlmaBetter

Bengaluru, India10 yrs 9 mos exp
PythonMachine LearningData Analytics
AG

Ancush Gaikwad

Founder

at CYBRAIN INFOSEC

Mumbai, India11 yrs 4 mos exp
CybersecurityEthical Hacking
Karan Kapoor

Karan Kapoor

Manager Security Engineering

at Gartner

Delhi, India8 yrs 7 mos exp
Application SecurityCloud SecurityPenetration TestingVulnerability Assessment
Subhash P.

Subhash P.

Senior Security Researcher

at Microsoft

Hyderabad, India10 yrs 2 mos exp