Skills

• Security Operations • Incident Response • Cyber Threat Intelligence • Intrusion Detection • Threat Modeling

• Vulnerability • Risk Management • Cloud Architecture • AWS • GCP • Azure • SOAR • EDR • SIEM

• Kubernetes • DevOps • Technical Documentation • Terraform • Atlantis • Virtualization • Data Analysis

• People Management • Program Management(Agile, SCRUM, Waterfall) • Public Speaking • Policy Writing

Experience

VRChat (Aug 2022 — Jun 2024)

Security Manager

Languages used: Golang, Nodejs, Python, C#, Rust

During my time as Security Manager, I was responsible for the greenfield construction and maturation of a company-wide security organisation. As part of this, I:

  • Hired and led a multidisciplinary security team of 7 members supporting 150+ employees.
  • Developed an incident response programme from scratch and trained engineers on IR best practices.
  • Planned and implemented short-term (<1 year) and long-term (1-5 years) security strategies, reporting status updates against OKRs to executives and senior staff on a regular basis.
  • Advised and implemented strategies for securing user-generated content (UGC).
  • Educated employees on security and consulted with 12+ other teams to improve technical designs and reduce security risks.
  • Mentored employees and advocated for technical and professional development.
  • Performed vulnerability scans and hardened AWS cloud infrastructure for production environments with millions of assets.
  • Coordinated with API engineers to identify security risks and developed mitigation plans, including on cloud architecture and configuration.
  • Assisted in onboarding new engineers and partnered with the legal team on compliance needs.
  • Conducted incident response as needed.

Vimeo (Sep 2019 — Aug 2022)

Infrastructure & Operations Security Engineer

Languages used: PHP, Python, Terraform

  • Designed, implemented, and managed a company-wide incident response programme, including training, documentation, KPIs, and executive briefs.
  • Coordinated multiple simultaneous high-priority projects across complex environments and requirements.
  • Evaluated and remediated cloud architecture vulnerabilities across both AWS and GCP.
  • Interviewed dozens of candidates for hiring initiatives and assisted in improving the hiring process.
  • Researched industry security best practices and tested implementations.
  • Mentored junior colleagues on professional development.

Jackson National Life (Feb 2019 — Aug 2019)

Security Engineer

Languages used: Python, SQL

  • Scoped, designed, and implemented an Ansible and Docker-based SOAR platform directly improving incident analysis/response times.
  • Updated and maintained SIEM infrastructure, including parsing new log sources and writing custom detection rules.
  • Participated in cross-team and department initiatives for hardening company security.
  • Established team-wide version control policy and best coding practices for future projects.
  • Advocated for project resilience and disaster recovery initiatives.

Spoken Languages

• English • Japanese • Swedish