Education
Texas A&M University, College Station
Bachelors of Science in Computer Science, Minor in Business Administration
Languages
English, German
Skills

Programming Languages

Python, C\C++, C#, JavaScript, TypeScript, CSS, HTML 5, T-SQL

Technologies

Azure, AWS, Kubernetes, Docker, Flask, Node.js, D3.js, MongoDB, DynamoDB, Azure Active Directory, SQL Server/MySQL, Linux/Ubuntu, Windows, Windows Server

Organizational

Recruiting, Public Speaking, Mentoring
Work
Aug 2019 - Present

Lyft

Staff Engineer, Behavioral Engineering and Red Team

  • Help prioritize and prove Lyft’s security efforts through Red Team exercises.
  • Created tooling enabling the gamification of security behaviors.
  • Technical leader of Red Team, security automation and security scaling efforts at Lyft.
  • Created CTF infrastructure for Security onboarding training for all new engineers.
  • Major contributor to Cartography
Jun 2014 - Aug 2019

Microsoft

Senior Security Software Development Engineer, Azure Red Team

  • Information on The Azure Red Team is available in our white paper
  • Presented advanced Cloud Post Exploitation Techniques at Infiltrate 2017
  • Improving Azure security by conducting penetration tests against Production Azure infrastructure and services.
  • Reinforcing the "Assume Breach" mindset across all Azure services by emulating Advanced Persistent Threats.
  • Developing attack oriented tools that scale the breadth of Azure.
  • Presented at BlueHat (Microsoft's Internal Security Conference) and other internal security conferences.
  • Working with the Blue Team post breach to identify necessary improvements in prevention, detection and response from Advanced Persistent Threats.
  • Completed the Offensive Security Certified Expert course.
  • The effectiveness of the security team systems and procedures is evident in the public's reaction to Microsoft's security posture. http://nyti.ms/1j6pSaR
Jun 2010 - July 2014

Microsoft

Software Development Engineer in Test II

  • Features (Designed, Implemented, Tested)
    • External Data Connections
    • Expression Evaluation
    • Access Apps for Office
  • Shipped Microsoft Access 2010 (SP1), 2013, and worked on Access "Next".
  • Created scribe - a test automation tool that creates automated tests from recording user actions.
  • Helped move Access from a client database to a web based app creation tool
  • Member of Agile committee that implemented Agile across the Access team.
  • Speaker at TechReady, MVP summits, and various other conferences.
  • Rewrote automation framework for the web and enabled targeting our JavaScript based runtime in tests.
  • Did university recruiting, speaking, and interviewing at Texas A&M in the spring of 2011, 2012, 2013.
  • Drove security for the team. Advised and pen tested every feature against web based threats - XSS, XSRF, SQL Injection
 
Summer 2009

Continental Airlines (Now United Airlines)

Web Development Intern

  • Designed and implemented US e-Verify system for HR Department
  • Worked with Homeland Security and Social Security Administration to verify employee work eligibility
  • Developed and maintained custom .NET web controls for employee travel reservation system
Projects

Hurleyisms.com

Co-Designed and implement Hurleyisms.com for a client. Hurleyisms is a database of 1000+ hilarious lines to drop on your photography subjects.