Worked closely with the other software engineers, systems engineers (dev ops), and product managers to design and build a security meta-scanner and vulnerability management product for verifying the security of DNS, websites, and other services related to domains hosted under the .trust TLD. Built a service oriented architecture deployed onto AWS EC2 while working with technologies like Ruby on Rails, Go, and Puppet.

Led efforts to design and build the product’s core authentication and authorization functionality, to implement encryption of sensitive customer data, and to roll out TLS between all services. Ensured that product's web applications were built with a high level of security.

Maintained and updated the .trust Technical Policy — a set of security best practices and requirements for domains hosted under a new, security-focused, top-level domain. Acquired a deep understanding of newer security technologies and standards to determine how to best update the policy and to inform an advisory board for approval of the proposed changes.

Established and implemented the Secure Development Lifecycle for the division. Educated other developers about a variety of security topics, performed code reviews, and coordinated penetration tests.

(Started March 2013, but did not officially change divisions until May)

Began development on a security-meta scanner and vulnerability management product using Ruby on Rails for determining whether a domain and its servers comply with a set of security best practices and requirements for the .trust top-level domain (initially for the .secure top-level domain).

Worked closely with other developers and security engineers to ensure the team followed security best practices for web application security.

Led teams of penetration testers to perform numerous white box security assessments of web, iOS, Android, and desktop applications. Documented findings and provided detailed recommendations to clients.

Created and presented educational materials to clients regarding Ruby on Rails, iOS, and Android security issues and best practices.

Performed security assessments of web, iOS, Android, and desktop (Windows) applications. Documented findings and provided detailed recommendations to clients.

Researched Mac OS X security in order to present on Mac OS X in the Enterprise at Black Hat 2011.