I have worked in IT for 22 years and Information/Application Security for the last seventeen. I started as an Enterprise Java Developer; then transitioned to helping build an Application Security program as both tech lead and manager. I later played the role of Enterprise Architect and did a little incident response and reverse engineering malware for fun. I then spent a number of years as a consultant helping clients build AppSec Programs, perform SAMM Assessments, create/update SDLCs, and other related initiatives. I worked on the Trustworthy Computing team at Microsoft for a period, and am currently an Assistant Professor of Computer Science teaching Computer Science and Cybersecurity. I have been one of the project leads and active contributor to SAMM v1.1-2.0+ and OWASP Top 10 2017, 2020+. I have previously spoke numerous meetings and conferences over the years.Specialties: Application Security, Enterprise Java Development, Technical Lead, Manager, Web Services, Information Security Analyst
Listed skills include Application Security, Java, Information Security Management, Web Services, and 32 others.