About

Thanks for your interest in me - below you can find a concise summary of my professional skills, public speaking, and a history of my employment.  I am not currently pursuing new opportunities, but am always open to discussion about the future!


Highlights

  • Focused on application security leadership and excellence
  • 18 years Information Technology experience
  • 17 years Software Development experience
  • 14 years of Information Security experience

Core Competencies

  • Enterprise Risk Management and Strategic Risk Assessments
  • Application Security Assessments (Python, Node.js, PHP, Java & .NET Enterprise stacks)
  • Network Security Assessments (Ethernet, WLAN, Fiber)
  • Information Security Management (Policy/Process, People initiatives)
  • Server Installation & Maintenance (FreeBSD/UNIX, Windows)
  • Software Development (C/C++, Java/J2EE, C#, PHP, Python, .NET Framework)

Technical Skills

  • Penetration Testing
  • Vulnerability and Risk Assessment
  • Security and Risk Management
  • Network Security Monitoring
  • Software/Systems Architecture
  • Software Development (many languages and platforms)
  • Network & Application Security tools
  • Source Code Review

Key Successes

  • Building local security communities (BSidesVancouver, OWASP Vancouver, OWASP Winnipeg)
  • Supporting the global security community (AppSecEU, AppSecUSA, Security BSides)
  • Inception and development of Minion security platform
  • Advancing the state of security at Mozilla
  • Development and execution of training materials for corporate, community, and academic uses
  • Advancing diversity and inclusiveness initiatives in the workplace

Community Initiatives

  • BSidesVancouver, Co-founder, organizer, 2013 - 2015
  • OWASP Vancouver, Chapter Lead, 2007 – 2015
  • OWASP Winnipeg, Chapter Lead, 2004 - 2007
  • InfoSec BC, Member (President 2010), 2007 - 2013

Professional History

  • OpenDNS (Cisco Systems), Security Engineer, 2015-Current
  • Mozilla, Application Security Manager, 2012-2015
  • Mozilla, Web Security Engineer, 2011-2012
  • HSBC Bank Canada (GSD), Senior Consultant, Information Security, 2009-2011
  • HSBC Bank Canada, Consultant, Information Security, 2007-2009
  • Government of Manitoba, Security Analyst, 2005-2005,
  • Seccuris Inc, Information Security Analyst, 2003-2005

Public Speaking & Community Engagement
This is a selection of public speaking related to information security and software development. In addition, more than 30 talks have been given at regional events across Canada.

Conferences

  • BSidesWinnipeg 2013 – Security in the Open
  • RMLL 2013 – Security@Mozilla
  • AppSecEU 2013 – Minion – Making Security Tools Accessible for Developers
  • AppSecUSA 2012 – Security At Scale
  • BSidesSF 2012 – Opening Identity

Training

  • OpenLate Vancouver – Let’s Build: Asteroids with Unity3D
  • OpenLate Vancouver – Using LetsEncrypt
  • BSidesSeattle 2012 – OWASP ZAP Training Session