Experience

Apr 2025 — Present
Senior Security Engineering Manager, Product Security — Menlo Security
  • Owning AppSec strategy: secure coding practices, security automation, and embedding AppSec in the SDLC.
  • Closed gaps across cloud & product security, improving threat detection and risk mitigation.
  • Built security awareness programs and partnered closely with compliance (SOC2, FedRAMP, ISO27001).
  • Maintained robust product security through multi-cloud migrations (AWS/GCP) and established HSM-backed key/cert management.
Apr 2021 — Present
Vice President, Technology — Pioneera Ventures
  • Strategic Planning: Developing and implementing technology strategies that align with the company's business objectives and contribute to its long-term success.
  • Financial Acumen and Budgeting: Managing the technology budget, allocating resources efficiently, and ensuring IT investments provide a strong return. They must understand the firm's value creation plan and be able to communicate technology investment trade-offs to investors.
  • Team Leadership: Leading, mentoring, and developing high-performing technology teams. They are responsible for recruitment, training, and fostering a culture of innovation.
  • Risk Management and Cybersecurity: Protecting sensitive data, implementing robust cybersecurity policies, and ensuring compliance with industry regulations.
  • Innovation Management: Identifying emerging technologies and trends that can enhance efficiency and competitiveness. This includes leading digital transformation initiatives.
  • Due Diligence and Deal Support: Working with deal teams to evaluate and execute technology investments. This may involve conducting due diligence on target companies and building financial models to assess potential returns.
Mar 2019 — Present
Security Advisor — Fides Innova
  • Cryptographic Architecture & Strategy: Advise on the security architecture of a decentralized verifiable computing platform, leveraging Zero-Knowledge Proofs (ZKP) and blockchain consensus mechanisms to ensure data integrity and privacy across IoT and Machine Learning ecosystems.
  • Decentralized Trust Frameworks: Provide technical guidance on designing trustless, distributed networks, ensuring secure interoperability and verifiable data exchange for smart homes and industrial automation.
  • Secure Ecosystem Design: Champion secure-by-design principles for the Fides Innova ecosystem, addressing complex attack vectors in decentralized infrastructure and enabling secure monetization of IoT data.
Aug 2021 — Mar 2025
Security Engineering Manager, Product Security — Menlo Security
  • Scaled security automation and built guardrails in CI/CD (SAST, SBOM, container scanning).
  • Launched and grew a Security Champions program to shift security left.
  • Drove remediation from internal/external testing and bug bounty findings; optimized tooling spend.
Mar 2021 — Jul 2022
Senior Security Engineer, Product Security — Menlo Security
  • Built hardened base images (AMIs/GCIs) meeting STIG/CIS; automated vuln scanning for instances.
  • Integrated cryptographic controls (KMS/HSM) and secured data in transit/at rest.
  • Partnered with dev teams to reduce risk across microservices & containers; produced FIPS-compliant Ubuntu base.
Nov 2018 — Feb 2021
Senior Security Engineer, R&D Cloud Security — Cisco
  • Designed highly available cloud-native services powering Umbrella protections (DNS/SWG/CDFW).
  • Migrated legacy stacks to AWS/GCP; instrumented secure logging and monitoring.
  • Implemented CI/CD pipelines (Jenkins/Flux/Ansible/Rundeck) and modernized controls (SOC2).
Apr 2015 — Oct 2018
Lead Software Engineer, Dedicated Team — Broadridge Financial Solutions
  • Played a key role in the development of Dataphile software products and the implementations of Canada Security CRM2 initiative.
  • Developed software tools for effective conversion of the database systems for newly acquired clients, e.g. developed tools to convert IBM ISM database system to the Broadridge database system.
  • Developed and deployed desktop and web applications that powered back-office processing, multi-currency record-keeping, and reporting for major Canadian banks and independent mutual fund dealers.
Sep 2007 — May 2008
RF and Firmware Engineer, R&D — Research In Motion
  • Developed integrated testing and verification processes for RF modules with RF base-station emulators, spectrum analyzers, and network analyzers
  • Researched regulatory standards for test/verification of the RF modules.
Education

Ph.D., M.A.Sc., and B.A.Sc. in Electrical & Computer Engineering — The University of British Columbia.

Publications

4 journal papers, 10 conference papers (Best Paper at IEEE PIMRC 2015), and 5 posters. Full list and citations available here .

Certificates and Training
  • CISSP (Certified Information Systems Security Professional) (Planned for 2025)
  • Google Kubernetes Engine (GKE) Foundations: Deploying Stateful Applications.
  • Symmetric Cryptography Essential Training.
  • People's Manager: (1) Having Difficult Conversations: A Guide for Managers, (2) Managing and Leading Developers, (3) Building Trust, (4) Effective Technical Communication, (5) Moving from Developer to Engineering Manager