I'm a security person in a software world. My focus is on bringing holistic and pragmatic security solutions to software companies, and I'm especially partial to risk-reducing solutions which improve development processes or developer experience (bingo!). I build guardrails, not tarpits.
Currently, I'm a Senior Security Engineer & Security Engineer Manager @ Amazon as part of the Security Foundations organization, working on cloud security and related projects. My notable past roles include:
- Security Engineer, Vulnerability Management @ Luta Security on the Zoom contract
- Product Security Engineer @ Datto, and Software Engineer before that
I do security research across many topic in my spare time (read: whatever grabs my interest, little real theme), and either dump half- to fully-baked repos on GitHub or publish posts on my blog. If you'd like to chat or connect, you can find my social media and ways to message me on my contact page.