# William (B.J.) Snow Orvis

> Software Developer/Engineer/Researcher at Data Theorem

Location: Oakland, California, United States
Profile: https://flows.cv/williambjsnoworvis

Security nerd and developer with a passionate interest in finding solutions to difficult security problems that will make the world a better place and empower users to have control of their digital lives.

## Work Experience
### Software Developer/Engineer/Researcher @ Data Theorem
Jan 2016 – Present | Palo Alto, CA

### Principal Security Architect @ NCC Group Domain Services (Artemis Internet Inc.)
Jan 2014 – Jan 2015 | San Francisco, CA
Worked closely with the other software engineers, systems engineers (dev ops), and product managers to design and build a security meta-scanner and vulnerability management product for verifying the security of DNS, websites, and other services related to domains hosted under the .trust TLD. Built a service oriented architecture deployed onto AWS EC2 while working with technologies like Ruby on Rails, Go, and Puppet.

Led efforts to design and build the product’s core authentication and authorization functionality, to implement encryption of sensitive customer data, and to roll out TLS between all services. Ensured that product's web applications were built with a high level of security.

Maintained and updated the .trust Technical Policy — a set of security best practices and requirements for domains hosted under a new, security-focused, top-level domain. Acquired a deep understanding of newer security technologies and standards to determine how to best update the policy and to inform an advisory board for approval of the proposed changes.

Established and implemented the Secure Development Lifecycle for the division. Educated other developers about a variety of security topics, performed code reviews, and coordinated penetration tests.

### Senior Software Security Engineer @ NCC Group Domain Services (Artemis Internet Inc.)
Jan 2013 – Jan 2014 | San Francisco, CA
(Started March 2013, but did not officially change divisions until May) 

Began development on a security-meta scanner and vulnerability management product using Ruby on Rails for determining whether a domain and its servers comply with a set of security best practices and requirements for the .trust top-level domain (initially for the .secure top-level domain).

Worked closely with other developers and security engineers to ensure the team followed security best practices for web application security.

### Senior Security Consultant @ iSEC Partners (NCC Group Plc)
Jan 2011 – Jan 2013 | San Francisco, CA
Led teams of penetration testers to perform numerous white box security assessments of web, iOS, Android, and desktop applications. Documented findings and provided detailed recommendations to clients.

Created and presented educational materials to clients regarding Ruby on Rails, iOS, and Android security issues and best practices.

### Security Consultant @ iSEC Partners (NCC Group Plc)
Jan 2010 – Jan 2011 | San Francisco, CA
Performed security assessments of web, iOS, Android, and desktop (Windows) applications. Documented findings and provided detailed recommendations to clients.

Researched Mac OS X security in order to present on Mac OS X in the Enterprise at Black Hat 2011.

### S&E Technical Scholar @ LLNL
Jan 2007 – Jan 2007 | Livermore, CA
Interned with the Cyber Security Program. Analyzed and tested web applications for vulnerabilities, designed and developed Exceptions and Deviations Database (workflow system for signing security related forms, and looked at incorporating XML based cryptographic signatures using Perl and Java).

### Teaching Assistant @ UC Davis
Jan 2007 – Jan 2007 | Davis, CA
TA for Intro to Programming and Problem Solving, and Software and Object Oriented Programming. Taught discussion sections, graded assignments, and gave lectures when professor was at conferences.

### Graduate Student Researcher @ UC Davis
Jan 2005 – Jan 2006 | Davis, CA
Performed research for Professor Matt Bishop. This included work on Property Based Testing, a tool for instrumenting Java code written in C++ and Java; and on a Secure Programming Clinic, a clinic to encourage robust programming amongst novice programmers.

### Student Programmer @ UC Davis
Jan 2004 – Jan 2005 | Davis, CA
Provided technical support at the Computer Science Instructional Facility (CSIF); assisted in maintaining and upgrading computer systems running Linux; helped students and other users utilize the facility for doing homework and teaching; helped track down bugs and problems.

### Barista @ Starbucks Coffee Company
Jan 2002 – Jan 2004
Worked in a store whose team received the highest ratings in the region for customer satisfaction for multiple quarters.

### Computer Tutor @ Las Positas College
Jan 2001 – Jan 2003
Assisted users with using Word and Excel and browsing the web; maintained computers by scanning for viruses and software installed by students; reported and repaired hardware and software problems; regularly checked the library's web site for moved or dead links; assisted librarians with miscellaneous library work.


## Education
### MS in Computer Science
University of California, Davis

### BS in Computer Science
University of California, Davis

### Computer Science
Las Positas College


## Contact & Social
- LinkedIn: https://linkedin.com/in/wsorvis
- Portfolio: http://www.aedifice.org

---
Source: https://flows.cv/williambjsnoworvis
JSON Resume: https://flows.cv/williambjsnoworvis/resume.json
Last updated: 2026-04-10