Experience

Cyber Defense Group
• United States
• Computer and Network Security
• 1 - 100 Employee
• Director Of Engineering

  • Nov 2021 - Present

DevNetwork
• United States
• Technology, Information and Internet
• 1 - 100 Employee
• DevNetwork Advisory Board - Cloud Advisory Board

  • May 2022 - Present


Eventbrite

• United States
• Software Development
• 700 & Above Employee

• Principal Product Security Engineer

  • Oct 2020 - Nov 2021

  Working collaboratively across the organization, I consulted teams in industry standard and compliant security recommendations throughout the development process, through both manual and automated means. Working collaboratively across the organization, I consulted teams in industry standard and compliant security recommendations throughout the development process, through both manual and automated means.



Addepar

• United States
• Software Development
• 700 & Above Employee

• Information Security Lead

  • Feb 2020 - Oct 2020

  Reporting to the CISO, I took their vision and policies into projects and work that can be completed by the team. This involved the definition of projects and tasks for each sprint and managing sprint deadlines and milestones throughout. I was also an individual contributor within those projects, establishing security operations infrastructure, developing security-focused IAC modules, establishing endpoint protection and data loss prevention for endpoints, and establishing access management for… Show more Reporting to the CISO, I took their vision and policies into projects and work that can be completed by the team. This involved the definition of projects and tasks for each sprint and managing sprint deadlines and milestones throughout. I was also an individual contributor within those projects, establishing security operations infrastructure, developing security-focused IAC modules, establishing endpoint protection and data loss prevention for endpoints, and establishing access management for server systems. Leading the team, I worked with the CISO in creating project definitions and the focus for 2020, based on the NIST CSF framework, raising Addepar’s security posture as a whole, giving the team a project workflow that can be easily followed and tracked throughout a sprint. Show less Reporting to the CISO, I took their vision and policies into projects and work that can be completed by the team. This involved the definition of projects and tasks for each sprint and managing sprint deadlines and milestones throughout. I was also an individual contributor within those projects, establishing security operations infrastructure, developing security-focused IAC modules, establishing endpoint protection and data loss prevention for endpoints, and establishing access management for… Show more Reporting to the CISO, I took their vision and policies into projects and work that can be completed by the team. This involved the definition of projects and tasks for each sprint and managing sprint deadlines and milestones throughout. I was also an individual contributor within those projects, establishing security operations infrastructure, developing security-focused IAC modules, establishing endpoint protection and data loss prevention for endpoints, and establishing access management for server systems. Leading the team, I worked with the CISO in creating project definitions and the focus for 2020, based on the NIST CSF framework, raising Addepar’s security posture as a whole, giving the team a project workflow that can be easily followed and tracked throughout a sprint. Show less



Wag Labs Inc.

• United States
• Consumer Services
• 100 - 200 Employee

• SecOps Engineer

  • Jun 2019 - Dec 2019

  Reporting to the Director of Security, I was his first security hire, focusing specifically on security operations. I established an AWS environment for security to test and deploy various solutions. The environment utilized Terraform, GitLab, Packer, and Git, built on AWS ECS. Working closely with DevOps, I aided in continuing or establishing proper security reviews/processes, such as: ● Reviewing access changes in Terraform code using alerts integrated within the… Show more Reporting to the Director of Security, I was his first security hire, focusing specifically on security operations. I established an AWS environment for security to test and deploy various solutions. The environment utilized Terraform, GitLab, Packer, and Git, built on AWS ECS. Working closely with DevOps, I aided in continuing or establishing proper security reviews/processes, such as: ● Reviewing access changes in Terraform code using alerts integrated within the CI/CD process ● Deploying SecurityMonkey and reviewing insecure AWS configurations ● Ensuring proper configuration of a WAF solution and planning a move to a new WAF ● Developing an endpoint protection deployment method that was more in-line with standard practices followed by DevOps ● Developed proper intrusion and exfiltration monitoring through robust, custom Threat Stack rulesets Show less Reporting to the Director of Security, I was his first security hire, focusing specifically on security operations. I established an AWS environment for security to test and deploy various solutions. The environment utilized Terraform, GitLab, Packer, and Git, built on AWS ECS. Working closely with DevOps, I aided in continuing or establishing proper security reviews/processes, such as: ● Reviewing access changes in Terraform code using alerts integrated within the… Show more Reporting to the Director of Security, I was his first security hire, focusing specifically on security operations. I established an AWS environment for security to test and deploy various solutions. The environment utilized Terraform, GitLab, Packer, and Git, built on AWS ECS. Working closely with DevOps, I aided in continuing or establishing proper security reviews/processes, such as: ● Reviewing access changes in Terraform code using alerts integrated within the CI/CD process ● Deploying SecurityMonkey and reviewing insecure AWS configurations ● Ensuring proper configuration of a WAF solution and planning a move to a new WAF ● Developing an endpoint protection deployment method that was more in-line with standard practices followed by DevOps ● Developed proper intrusion and exfiltration monitoring through robust, custom Threat Stack rulesets Show less



Aman Technologies Inc

• Head of DevOps & Security

  • Jul 2013 - Jun 2019

  As a consultant, I managed DevOps, Infrastructure, and Security for a division of The Weather Company’s WeatherFX project. On the project from its inception, I stayed on through to its purchase by IBM Watson. Created a custom CI pipeline using Puppet, Jenkins, Artifactory, fab, and python & perl scripts. Application runtime scripts developed in bash and python, managed by cron. All of the infrastructure was Linux, in AWS, and used AWS API scripts written for management tasks… Show more As a consultant, I managed DevOps, Infrastructure, and Security for a division of The Weather Company’s WeatherFX project. On the project from its inception, I stayed on through to its purchase by IBM Watson. Created a custom CI pipeline using Puppet, Jenkins, Artifactory, fab, and python & perl scripts. Application runtime scripts developed in bash and python, managed by cron. All of the infrastructure was Linux, in AWS, and used AWS API scripts written for management tasks. Developed the API application and layer, written in Lua, running on Openresty. Developed and moved infrastructure to a new Kubernetes environment using docker, Jenkins, and custom Jenkins scripts written in Groovy. Managed all aspects of infrastructure architecture, security, and compliance. Managed GDPR compliance with IBM’s legal and compliance teams, managed the code and infrastructure audit for IBM’s product catalog, and worked with TWC’s CISO through a major security incident within the platform. Managed a DevOps team of 2-3 offshore engineers, operating in an Agile environment with Jira for ticket / project management. The team ran 2-week sprints with daily stand-ups. Managed the work taken on by DevOps in each sprint, assigning the work appropriately between myself and the engineers. Show less As a consultant, I managed DevOps, Infrastructure, and Security for a division of The Weather Company’s WeatherFX project. On the project from its inception, I stayed on through to its purchase by IBM Watson. Created a custom CI pipeline using Puppet, Jenkins, Artifactory, fab, and python & perl scripts. Application runtime scripts developed in bash and python, managed by cron. All of the infrastructure was Linux, in AWS, and used AWS API scripts written for management tasks… Show more As a consultant, I managed DevOps, Infrastructure, and Security for a division of The Weather Company’s WeatherFX project. On the project from its inception, I stayed on through to its purchase by IBM Watson. Created a custom CI pipeline using Puppet, Jenkins, Artifactory, fab, and python & perl scripts. Application runtime scripts developed in bash and python, managed by cron. All of the infrastructure was Linux, in AWS, and used AWS API scripts written for management tasks. Developed the API application and layer, written in Lua, running on Openresty. Developed and moved infrastructure to a new Kubernetes environment using docker, Jenkins, and custom Jenkins scripts written in Groovy. Managed all aspects of infrastructure architecture, security, and compliance. Managed GDPR compliance with IBM’s legal and compliance teams, managed the code and infrastructure audit for IBM’s product catalog, and worked with TWC’s CISO through a major security incident within the platform. Managed a DevOps team of 2-3 offshore engineers, operating in an Agile environment with Jira for ticket / project management. The team ran 2-week sprints with daily stand-ups. Managed the work taken on by DevOps in each sprint, assigning the work appropriately between myself and the engineers. Show less



AppNexus

• United States
• Technology, Information and Internet
• 1 - 100 Employee

• Infrastructure Solutions Manager

  • Apr 2012 - Mar 2013

  Guided customers in building solutions on AppNexus’ Cloud offering and managed the cloud business from technical upkeep and support, sales, contract terms, and training for the sales team on upselling the cloud offering. Guided customers in building solutions on AppNexus’ Cloud offering and managed the cloud business from technical upkeep and support, sales, contract terms, and training for the sales team on upselling the cloud offering.



GoGrid

• United States
• Technology, Information and Internet
• 1 - 100 Employee

• Solutions Architect

  • Mar 2010 - Mar 2012

  My journey at GoGrid began by giving general customers technical support, managing a specific set of account, managing a small set of high profile accounts, to shifting to sales and designing solutions for customers. Worked with customers such as SAIC, Martini Media, Conde Nast Digital, and Uber. As Solutions Architect, I was a part of opportunities accumulating to over $1.6 million in annual revenue. My journey at GoGrid began by giving general customers technical support, managing a specific set of account, managing a small set of high profile accounts, to shifting to sales and designing solutions for customers. Worked with customers such as SAIC, Martini Media, Conde Nast Digital, and Uber. As Solutions Architect, I was a part of opportunities accumulating to over $1.6 million in annual revenue.



Aegis Media

• Germany
• Advertising Services
• 1 - 100 Employee

• Macintosh Administrator

  • Nov 2006 - Sep 2009

  My work at Aegis was mainly focused around the desktop support of over 220 users across multiple business entities under one roof. I also aided in the design and support of the national rollout of Mac systems, including imaging, inventory management, remote desktop integration, and server access. I also aided in the basic management tasks involved with our in-house servers and virtualization cluster. My work at Aegis was mainly focused around the desktop support of over 220 users across multiple business entities under one roof. I also aided in the design and support of the national rollout of Mac systems, including imaging, inventory management, remote desktop integration, and server access. I also aided in the basic management tasks involved with our in-house servers and virtualization cluster.



Serverplex Networks

• United States
• Retail

• Onsite Support Manager

  • Dec 2005 - Oct 2006

  Serverplex was an IT solutions firm for homes and small businesses. Working closely with the CEO, I handled the majority of onsite clients, responded to support tickets, and aided in the opening and managing of a brick & mortar retail location in downtown San Mateo. Within the store, we sold various Apple products and offered in-house solution consultation, leading to new business from local business owners. Serverplex was an IT solutions firm for homes and small businesses. Working closely with the CEO, I handled the majority of onsite clients, responded to support tickets, and aided in the opening and managing of a brick & mortar retail location in downtown San Mateo. Within the store, we sold various Apple products and offered in-house solution consultation, leading to new business from local business owners.