where I’ve been & what I know
Citeline, 2023–present • Product Security EngineerI am helping to build the Product Security program from the ground up, which includes OWASP SAMM assessments, CI/CD pipeline improvements, SAST, DAST, SCA, vulnerability management, and incident response functions. I also work closely with others in the Information Security organization to improve the overarching security posture of the business.
Baton Systems, 2019–2020 • Software EngineerUsing Java alongside ActiveMQ and MySQL, I was responsible for designing and implementing Springboot REST APIs for financial asset management web applications. I also led a project that used Netflix's Conductor workflow orchestration engine to run functions relevant to specific business use cases, including MFA authentication and transaction settlement. Additionally, I spearheaded integration of Istio into Kubernetes clusters to gather service health metrics and enable painless distributed tracing across applications.
CloudFlare bug bounty program, 2022Awarded $750 for undisclosed DNS resolution bug
Frameworks, Platforms & ToolsSQL, git, AWS, Docker, Kubernetes, Terraform
University of California, Santa CruzBachelor of Science, Computer Science