Skip to main content


where I’ve been & what I know


Norstella, 2023–present • Product Security Engineer

I am building the Product Security program from the ground up, which includes maturity assessments, CI/CD pipeline improvements, SAST, DAST, SCA, product architecture review, vulnerability management, and incident response functions. I am also working closely with the rest of the Information Security team to improve the overall security posture of the organization.

Smartcar, 2021–2022 • Software Engineer

As a member of the platform team, I was responsible for the API product itself as well as company infrastructure and internal developer tooling. Primarily working in JavaScript & TypeScript with PostgreSQL, I led development of 5 new OEM platforms (for 10+ brands), utilizing AWS Lambda functions and redis pubsub for authentication flows that required advanced logic handling. I also fleshed out two internal Slack bots which helped improve on-call monitoring and response times.

Baton Systems, 2019–2020 • Software Engineer

Using Java alongside ActiveMQ and MySQL, I was responsible for designing and implementing Springboot REST APIs for financial asset management web applications. I also led a project that used Netflix's Conductor workflow orchestration engine to run functions relevant to specific business use cases, including MFA authentication and transaction settlement. Additionally, I spearheaded integration of Istio into Kubernetes clusters to gather service health metrics and enable painless distributed tracing across applications.


CloudFlare bug bounty program, 2022

Awarded $750 for undisclosed DNS resolution bug



JavaScript, Java, TypeScript, Python, Spanish (somewhat)

Frameworks, Platforms & Tools

SQL, git, AWS, Docker, Kubernetes, Terraform


University of California, Santa Cruz

Bachelor of Science, Computer Science