where I’ve been & what I know
work
Norstella, 2023–present • Product Security Engineer
I am building the Product Security program from the ground up, which includes maturity assessments, CI/CD pipeline improvements, SAST, DAST, SCA, product architecture review, vulnerability management, and incident response functions. I am also working closely with the rest of the Information Security team to improve the overall security posture of the organization.
Smartcar, 2021–2022 • Software Engineer
As a member of the platform team, I was responsible for the API product itself as well as company infrastructure and internal developer tooling. Primarily working in JavaScript & TypeScript with PostgreSQL, I led development of 5 new OEM platforms (for 10+ brands), utilizing AWS Lambda functions and redis pubsub for authentication flows that required advanced logic handling. I also fleshed out two internal Slack bots which helped improve on-call monitoring and response times.
Baton Systems, 2019–2020 • Software Engineer
Using Java alongside ActiveMQ and MySQL, I was responsible for designing and implementing Springboot REST APIs for financial asset management web applications. I also led a project that used Netflix's Conductor workflow orchestration engine to run functions relevant to specific business use cases, including MFA authentication and transaction settlement. Additionally, I spearheaded integration of Istio into Kubernetes clusters to gather service health metrics and enable painless distributed tracing across applications.
awards
CloudFlare bug bounty program, 2022
Awarded $750 for undisclosed DNS resolution bug
skills
Languages
JavaScript, Java, TypeScript, Python, Spanish (somewhat)
Frameworks, Platforms & Tools
SQL, git, AWS, Docker, Kubernetes, Terraform
education
University of California, Santa Cruz
Bachelor of Science, Computer Science