Thomas DeVoss

DevOps Engineer

Mechanicsville, Virginia, United States12 yrs 10 mos experience

Most Likely To SwitchHighly Stable

Key Highlights

Over 7 years of bug bounty hunting experience.
Contributed to security enhancements at Braze.
Authored multiple CVEs and recognized in wall of fames.

Stackforce AI infers this person is a Cybersecurity expert with extensive experience in vulnerability assessment and security engineering.

Contact

Skills

Core Skills

Bug Bounty HuntingCybersecurityPenetration TestingSystem AdministrationSoftware Development

Other Skills

Investigating IRTsRunning the Public Bug Bounty ProgramImplementing tooling to monitor and alert for security issuesEnhancing overall securityApplication security assessmentsTesting and securing networksSystem AuditingInstallationTroubleshootingDevelopment in Java, Python, SQL, and JavascriptOperating SystemsComputer SecurityProgrammingSoftware InstallationNetwork Administration

About

As a Staff Security Engineer at Braze, I am responsible for investigating IRTs, running the bug bounty program, and implementing tooling to monitor and alert for security issues. I have been working at Braze since December 2020, and I have contributed to enhancing the overall security of Braze and our users. I have over 7 years of experience as a bug bounty hunter, and I have found and reported vulnerabilities for several major companies, such as Yahoo, Mail.Ru, Mapbox, Imgur, GM, Adobe, AOL, Zynga, Viadeo, Uber, Microsoft, and Netflix. I have also authored multiple CVEs and been recognized in various wall of fames. My mission is to leverage my skills and knowledge to help secure the web and protect the privacy and data of millions of people.

Experience

12 yrs 10 mos

Total Experience

5 yrs 2 mos

Average Tenure

10 yrs 2 mos

Current Experience

Braze

2 roles

Sr. Staff Security Engineer

Promoted

Mar 2023 – Present · 3 yrs 2 mos

Senior Security Engineer II

Dec 2020 – Feb 2023 · 2 yrs 2 mos

Investigating IRTs
Running the Public Bug Bounty Program
Implementing tooling to monitor and alert for security issues
Enhancing overall security of Braze and our Users

Investigating IRTsRunning the Public Bug Bounty ProgramImplementing tooling to monitor and alert for security issuesEnhancing overall securityBug Bounty HuntingCybersecurity

Development operations security (dos)

Penetration Tester/ Hacker

Feb 2017 – Jun 2018 · 1 yr 4 mos · Richmond, Va

Testing and securing networks in the Healthcare and Financial industry in Richmond Virginia

Testing and securing networksPenetration Testing

Synack red team

Hacker

Dec 2016 – May 2022 · 5 yrs 5 mos

Perform Application and Host level security assessments

Application security assessmentsCybersecurity

None

Bug Bounty Hunter

Mar 2016 – Present · 10 yrs 2 mos

Globalworx, inc.

System Admin / Software Developer

Jul 2013 – Mar 2017 · 3 yrs 8 mos · Glen Allen, Virginia

System Auditing, Installation, Troubleshooting, Setup, Installation of Operating Systems and packages.
Installation and configuration of Nagios and Munin monitoring tools.
Securing/hardening of Slackware 14 system.
Development in Java, Python, SQL, and Javascript adding new features to company software and the development of scripts to help automate repetitious tasks
Currently managing 23 physical servers, and 50 virtual linux servers in the Amazon Cloud
Migrating from datacenter setup to services hosted in the Amazon Web Services Cloud. Design, configuration and setup of all servers.

System AuditingInstallationTroubleshootingDevelopment in Java, Python, SQL, and JavascriptSystem AdministrationSoftware Development