• Product Manager for Chrome Security, focusing on ensuring users have secure and trustworthy connections.

• Nametag mediates PII between users and companies via a push notification approval flow (Stripe crossed with Duo for PII).
• Recruited to join by Ross Kinder after I left Censys. I was the second employee and first non-executive hire.
• Backend service engineering and design, primarily in Go, with a focus and security, privacy, and anti-abuse.
• Led cryptography engineering, including authorization token design and deployment, and mobile TPM key architectures.
• Built and defined core product features, including the user flows for multi-device support and automatic ID-based account recovery.

• Created Censys as a research project to expose Internet-wide measurement data during my PhD at the University of Michigan.
• Cofounded a startup to commercialize the Censys research project into an enterprise data offering and SaaS security product.
• Set company-wide engineering direction and vision as Censys grew to over 50 employees and over $3M annual recurring revenue, and a $15M Series A.
• Contributed to technical product direction, defining how our SaaS application and data offering interact.
• Defined and implemented an engineering-wide service-based architecture supporting multiple data-driven products.
• Led data engineering team, responsible for collecting scan data on over 4B hosts, processing over 2B X.509 certificates, and providing terabytes of data to enterprise customers daily.
• Built ETL pipelines for data warehousing and search applications.
• Migrated data infrastructure from custom on-premise (datacenter) technology to Google Cloud and Apache Beam.
• Led the adoption of Kubernetes, container-based development, and a polyglot monorepo.
• Managed cross-Language build tooling, including code generation for Protobuf and gRPC.
• Worked in both individual contributor and management roles, with between 3 and 9 direct reports.
• Scoped and successfully delivered initial SaaS MVP, rescuing the project after two other engineering managers were unable to deliver.
• Created and led the adoption of a project tracking system for cross-team initiatives, leveraging JIRA and Confluence.

• Implemented OCSP Expect-Staple in order to begin measuring the feasibility of OCSP Must-Staple.

• Offered two-factor authentication-as-a-service, using mobile phones as the second authentication factor and push notications for login approval.
• Grew various Python backend subsystems to support new features; handled all bugs, feature requests, and security considerations for the Duo Unix client.
• Wrote a patch for OpenSSH to securely allow third-party authentication plugins

• Developed an Android framework (MANES) for testing feasibility, routing protocols, and location profile systems of large-scale mobile ad hoc networks that could be used for censorship-resistant communication.
• Built Shout, a user-friendly censorship-resistant communication Android application on top of MANES.
• Managed and led student software development teams.
• Resulted in a publication at MobiHoc 2015.

• Maintained over 700 wireless access points for the College of Engineering campus.
• Transitioned printing system from CAEN control to campus-wide IT department.
• Diagnosed and performed network troubleshooting as needed.

• Undergraduate course on computer security.
• Cotaught with Professor Halderman and Professor Honeyman.

• Undergraduate course on computer security.
• Lead a weekly discussion section, and guest-lectured when the instructor was unavailable.
• Head GSI; organized other teaching assistants.

• Graduate course on computer security research.
• Guest-lectured when the instructor was unavailable, and continued the tradition of guest-lecturing on cryptography for the first class of the semester.
• Advised students on class research projects.

• Introductory course on algorithms, taught in C++. Covered runtime complexity, sorts, trees, heaps, and basic search and graph algorithms.
• Held a weekly discussion section to reinforce concepts introduced in lecture.
• Held weekly office hours for help with concepts and projects.

• Introductory course on data structures, taught in C++. Covered recursion, pointers, structs and classes, inheritance and dynamic memory
• Held a weekly lab section where students coded examples based on content from the week’s lectures.
• Held biweekly office hours for help with concepts and projects

• 22nd ACM Conference on Computer and Communications Security (CCS 2015)
  • Awarded for “Imperfect Forward Secrecy”
• 14th ACM Internet Measurement Conference (IMC 2014)
  • Awarded for “The Matter of Heartbleed”

• Best Crypto Attack, Black Hat 2016
  • SSLv2 Crypto Attack (DROWN)
• Most Innovative Research, Black Hat 2015
  • Logjam

• Awarded for “Neither Snow Nor Rain Nor MITM…”

• Finalist with “DROWN: Breaking TLS using SSLv2”, did not win.

• Member since 2013

• Member since 2016

• David Adrian – Emmanuel Thomé – Peter Montgomery – Paul Erdos

Training for Intervention ProcedureS (TIPS) Certified Bartender