• Security Operations • Incident Response • Cyber Threat Intelligence • Intrusion Detection • Threat Modeling
• Vulnerability • Risk Management • Cloud Architecture • AWS • GCP • Azure • SOAR • EDR • SIEM
• Kubernetes • DevOps • Technical Documentation • Terraform • Atlantis • Virtualization • Data Analysis
• People Management • Program Management(Agile, SCRUM, Waterfall) • Public Speaking • Policy Writing
VRChat (Aug 2022 — Jun 2024)
Security Manager
Languages used: Golang, Nodejs, Python, C#, Rust
During my time as Security Manager, I was responsible for the greenfield construction and maturation of a company-wide security organisation. As part of this, I:
- Hired and led a multidisciplinary security team of 7 members supporting 150+ employees.
- Developed an incident response programme from scratch and trained engineers on IR best practices.
- Planned and implemented short-term (<1 year) and long-term (1-5 years) security strategies, reporting status updates against OKRs to executives and senior staff on a regular basis.
- Advised and implemented strategies for securing user-generated content (UGC).
- Educated employees on security and consulted with 12+ other teams to improve technical designs and reduce security risks.
- Mentored employees and advocated for technical and professional development.
- Performed vulnerability scans and hardened AWS cloud infrastructure for production environments with millions of assets.
- Coordinated with API engineers to identify security risks and developed mitigation plans, including on cloud architecture and configuration.
- Assisted in onboarding new engineers and partnered with the legal team on compliance needs.
- Conducted incident response as needed.
Vimeo (Sep 2019 — Aug 2022)
Infrastructure & Operations Security Engineer
Languages used: PHP, Python, Terraform
- Designed, implemented, and managed a company-wide incident response programme, including training, documentation, KPIs, and executive briefs.
- Coordinated multiple simultaneous high-priority projects across complex environments and requirements.
- Evaluated and remediated cloud architecture vulnerabilities across both AWS and GCP.
- Interviewed dozens of candidates for hiring initiatives and assisted in improving the hiring process.
- Researched industry security best practices and tested implementations.
- Mentored junior colleagues on professional development.
Jackson National Life (Feb 2019 — Aug 2019)
Security Engineer
Languages used: Python, SQL
- Scoped, designed, and implemented an Ansible and Docker-based SOAR platform directly improving incident analysis/response times.
- Updated and maintained SIEM infrastructure, including parsing new log sources and writing custom detection rules.
- Participated in cross-team and department initiatives for hardening company security.
- Established team-wide version control policy and best coding practices for future projects.
- Advocated for project resilience and disaster recovery initiatives.
• English • Japanese • Swedish