# Andrew White

> Security-focused software engineer and data scientist

Location: Pacifica, California, United States
Profile: https://flows.cv/andrewwhite

Security software engineer and data scientist focused on solving complex security problems with automation, data, and statistics/machine learning where appropriate. PhD in Computer Science with a focus on security.

## Work Experience
### Software Engineer @ Verkada
Jan 2024 – Present | San Mateo, California, United States

### Staff Software Engineer @ LinkedIn
Jan 2022 – Jan 2023 | California, United States

### Senior Software Engineer @ LinkedIn
Jan 2019 – Jan 2022 | San Francisco, California

### Senior Security Software Engineer @ Netflix
Jan 2015 – Jan 2018 | Los Gatos, CA
Senior Security Software Engineer focused on corporate information security:

› Created a user-behavior anomaly-detection system for corporate user accounts as part of a cross- functional team including data scientists and data engineers
› Defined security policy for adaptive authentication in a zero-trust framework
› Designed and implemented the open-source web app Stethoscope, which integrates information from systems management tools in a user-friendly interface providing the necessary context and guidance to help users improve the security posture of their endpoint devices
› Consulted on the open-source Stethoscope native app, which provides the same benefits without traditional systems management tooling
› Implemented and deployed a service ingesting millions of user activity records per day

### Research Assistant @ University of North Carolina at Chapel Hill
Jan 2008 – Jan 2015 | Chapel Hill, North Carolina
› Investigated the extent to which information can be inferred about website visits in encrypted connections; designed and implemented a software library and set of tools for performing statistically robust experiments and analyses on data representing such connections; compared a new approach with more than 10 approaches used in prior work under a new adversarial scenario as well as those used by previous work.

› Explored the security, usability, and linguistic challenges of using pronounceable tokens, and particularly lexical blends (i.e., portmanteaus), as passwords; developed methods and software for rating the pronounceability of word-like strings.

› Designed and analyzed multiple techniques for fast identification of opaque, i.e., compressed or encrypted, network traffic; evaluated techniques using the Bro and Snort intrusion detection systems on two high-speed campus networks. 

› Explored extent to which automated techniques can reconstruct typed input from compromising reflections captured by commodity video cameras.

› Investigated severity of information leaks in encrypted VoIP conversations; designed and implemented an extensible object-oriented platform for sequence classification, including an implementation of profile hidden Markov models and other machine learning algorithms.

› Analyzed domain-name registrations to assess extent of speculation, tasting and front-running; designed and implemented a distributed system for measuring front-running.

### Lab Instructor @ University of North Carolina at Chapel Hill
Jan 2013 – Jan 2013 | Chapel Hill, NC
Lab Instructor and Course Co-Instructor (with Prof. Fabian Monrose)
Introduction to Computer Security

› Delivered lecture series on basic cryptography
› Administered weekly lab session
› Developed new lab modules; updated and improved existing lab modules
› Prepared new programming assignments; converted existing lab modules to graded assignments
› Graded both written reading responses and programming assignments

### Research Summer Intern, Network & Device Cybersecurity Analytics @ IBM Research
Jan 2012 – Jan 2012 | TJ Watson Research Laboratory, Hawthorne, NY
› Explored and evaluated approaches for providing security and forensic analysis engines with a viewpoint into encrypted network traffic; designed and implemented techniques for inferring details overlooked by previous work.

### Student Associate, Computer Science Laboratory @ SRI International
Jan 2010 – Jan 2010 | Menlo Park, CA
› Investigated fast methods for identifying encrypted network traffic. 

› Analyzed real-world encrypted botnet command-and-control traffic; explored methods for detecting encrypted C&C traffic.

### Undergraduate Research Assistant @ University of Richmond
Jan 2005 – Jan 2008 | Richmond, Virginia
› Analyzed and developed methods for ensuring computation integrity in distributed volunteer
computing platforms.

› Investigated the use of machine learning techniques to detect malicious behavior by participants in distributed volunteer computations.

› Designed and implemented prototype applications for a campus-wide volunteer distributed com- puting initiative; prepared, tested, and administered server and 5–10 clients, including Ubuntu Linux, Mac OSX, Windows XP.

### Instructional Technology Consultant @ University of Richmond
Jan 2005 – Jan 2008 | Richmond, VA
› Instructed and assisted faculty, staff and students with projects incorporating audio, video, print and web media for classroom and research use.

› Designed and implemented web-based computer lab management, scheduling and checkout system.


## Education
### PhD in Computer Security
The University of North Carolina at Chapel Hill

### M.S. in Computer Science
The University of North Carolina at Chapel Hill

### B.S in Computer Science
University of Richmond

### B.A. in Mathematics
University of Richmond

### Semester Abroad in Computer Science
University of St Andrews


## Contact & Social
- LinkedIn: https://linkedin.com/in/andrewmwhite

---
Source: https://flows.cv/andrewwhite
JSON Resume: https://flows.cv/andrewwhite/resume.json
Last updated: 2026-04-11