Experience

 
 
 
 
 
May 2018 – Present
Foster City, California

Senior Security Engineer

Agari Data, Inc.

Responsibilities include:

  • Security Incident Response and Training
  • Performing annual Security and Privacy Assessments and Reviews
  • Driving Incident Detection and Remediation strategy and execution
  • Coordinating Vulnerability Management mitigation
  • Setting strategy and direction of the Security Program
 
 
 
 
 
Jul 2017 – Feb 2018
Palo Alto, California

Senior Incident Response Engineer

Machine Zone (MZ)

Responsibilities included:

  • Building the log pipeline to get data from internal and external applications to ELK (Elasticsearch, Logstash, Kibana) – including AWS and Google Cloud¬¬
  • Writing/updating Python code to automate analysis of new CVEs and evaluate impact
  • Forensic analysis of laptops, binaries, phishing emails to identify potential malicious activity and work with other internal teams to prevent infection
  • Designing and building tabletop exercises to test team skills and responses and processes
 
 
 
 
 
Sep 2015 – Jun 2017
San Francisco, California

Senior Security Research Engineer

CloudPassage

Responsibilities included:

  • Wrote internal analyses, responses, and company blog posts to address major security vulnerabilities, including creating detection and mitigation for Halo platform
  • Improved the default process of building content for Halo product based on CIS and DISA STIG benchmarks, speeding up creation 5x
  • Automated team processes and workflows with shell/Python scripting and created a wiki to document team activities
  • Technical escalation for OS/application/Halo platform expertise to Customer Success and Sales Engineers, working with Engineering as needed for bugs and new features
 
 
 
 
 
Aug 2013 – Sep 2015
Palo Alto, California

Lead Incident Responder

HP, Inc.

Responsibilities included:

  • Created Incident Response process and documentation based on NIST and SANS guidelines
  • Gave training presentations and technical mentoring to junior staff
  • Automated AD/LDAP lookup of system and user details and email notifications for malware/anti-virus incidents
  • Developed relationships and incident response processes with Information Security Officers in HP Business Units
  • Analyzed memory images using Volatility

Recent & Upcoming Talks

Security and Ops can get along better.

Security and Ops can get along better.

Security and Ops can get along better.

Recent Posts

Today someone asked me for advice in dealing with a difficult person who was being frustrating. I thought about it, and gave the advice …

Contact