David May
AeroLeads people directory · profile

David May Email & Phone Number

Senior Security Engineer at TRM Labs
Location: United States 11 work roles 1 school
1 work email found @plaid.com LinkedIn matched
✓ Verified Jul 2026 4 data sources Profile completeness 100%

Contact Signals · 1 work email

Work email d****@plaid.com
LinkedIn Profile matched
3 free lookups remaining · No credit card
Current company
Role
Senior Security Engineer
Location
United States

Who is David May? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

David May is listed as Senior Security Engineer at TRM Labs, based in United States. AeroLeads shows a work email signal at plaid.com and a matched LinkedIn profile for David May.

David May previously worked as Product Security Engineer at Plaid and Security Consultant at Bishop Fox. David May holds Bachelor Of Science (B.S.M.E), Mechanical Engineering from University Of Central Florida.

Company email context

Email format at TRM Labs

This section adds company-level context without repeating David May's masked contact details.

{first_initial}{last}@plaid.com
86% confidence

AeroLeads found 1 current-domain work email signal for David May. Compare company email patterns before reaching out.

Profile bio

About David May

David May is a Senior Security Engineer at TRM Labs. He possess expertise in leadership, project management, project planning, research, systems engineering and 2 more skills.

Listed skills include Leadership, Project Management, Project Planning, Research, and 3 others.

Current workplace

David May's current company

Company context helps verify the profile and gives searchers a useful next step.

TRM Labs
Trm Labs
Senior Security Engineer
United States
AeroLeads page
11 roles

David May work experience

A career timeline built from the work history available for this profile.

Senior Security Engineer

United States

Product Security Engineer

San Francisco , California , Us

1) Manage Application Penetration Tests- Having been a pentester for two years, I understand what is required for an effective penetration test. I also apply Threat Modeling to identify known gaps in our products and hot spots in code so that pentesters can hit the ground running.- I lean into the business risk side of testing. Using a risk framework, findings are categorized and prioritized to ensure that outstanding risks to the business are kept to an absolute minimum.- Post-patch validation testing and knowledge of advanced bypass techniques help to ensure that fixes are sound before asking for a retest.2) Threat Modeling- Product-team driven threat modeling is the ideal yet difficult to implement in resource-constrained environments.- To counter act this, I developed an AI tool that parses internal documentation and API docs to identify and synthesize threats.- While not perfect by any means, it got us 80% of the way there while only requiring a tenth of the effort. This allowed us to scale and iterate quickly to identify heavy-hitting latent risks that were previously unidentified.3) Automating Data Streams- Created a CVE parsing tool that processes CVE data feeds with AI to determine applicable software and versions because CVE metadata is largely unstructured and notoriously inconsistent.- The output of this tool can be cross-referenced with SBOMs and asset inventories to determine CVE applicability and apply automated triaging where appropriate.- Parsing code repos and identity source of truth data to determine who owns specific pieces of code to assist with triaging vulnerabilities

Jul 2022 - Dec 2024

Security Consultant

Tempe, Arizona, Us

I provide security consultation services to some of the most prominent companies on the planet. Consultation responsibilities include:- Conducting code reviews and analyzing code both from a static (SAST) and dynamic (DAST) perspective- Performing application penetration tests and uncovering hard to find business-logic type vulnerabilities, including cross-service trust issues- Reviewing cloud architectures (AWS and GCP) to ensure a security-first design- Perform testing on network-connected devices, ranging from IoT to security products, to ensure security gaps are not present- Conduct internal and external network penetration testing to identify weaknesses in the perimeter or in internal systems that could lead to domain compromise or loss of business IP- Design and implement automated test cases for identified vulnerabilities so that findings can be routinely tested as part of CI/CD pipelines

May 2021 - Jun 2022

Senior Penetration Tester

Tampa, Fl, Us

• Assess the security of domains, networks, web applications/APIs, mobile applications, and people within organizations, oftentimes as part of FedRAMP or PCI assessments• Research new TTPs and the latest advancements in this field and develop new exploitation tools and frameworks• Develop and deploy unique phishing campaigns• Prepare reports and presentations at different technical levels in order to effectively communicate the business risk associated with identified vulnerabilities in people, processes, and technologies

Mar 2020 - Apr 2021

Security Engineer

Herndon, Va, Us

Security Engineering responsibilities at SemanticBits include Penetration Testing, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Vulnerability Assessment/Scanning, Malicious Software Analysis, Cloud Security, and DevOps Security. I was responsible for owning the security posture of entire programs that were in pursuit of FedRAMP and HIPAA compliance.Utilizing a thorough understanding of the OWASP Top Ten and the CWE Top 25, I exploit and then help remediate application-level vulnerabilities. Higher-level programming languages, such as python, are regularly used to automate and streamline the Security Engineering process, especially in the Cloud.

May 2018 - Feb 2020

Information Systems Security Officer

Falls Church, Va, Us

At Northrop Grumman, I provide oversight for the day-to-day cyber security operations on a global network. I maintain Information Assurance-related documentation and ensure the system maintains compliance to applicable Risk-Managed controls (NIST 800-53). I coordinate incident response activities and collect and disseminate cyber threat intelligence to ensure the network is protected against the latest threats.

Nov 2017 - May 2018

Cyber Systems Engineer

Falls Church, Va, Us

At Northrop Grumman, I am responsible for assessing, testing, and implementing secure systems. As part of the information security team, I am responsible for establishing and maintaining a security posture that is Risk-Management Framework (RMF) compliant.Daily tasks include vulnerability research and assessment to determine operational impacts, developing patches to different operating systems, developing scripts, maintaining RMF documentation, setting up test environments for security testing, and working with system administrators to secure systems.

May 2017 - Nov 2017

Systems Engineer

Falls Church, Va, Us

At Northrop Grumman, I provide Systems Engineering leadership for a range of Cyber Security and Software driven projects. Daily tasks include synthesizing customer contractual needs and requirements into system requirements and providing solutions that meet customer expectations as well as the technical, schedule, and cost constraints of the program. Activities include developing and directing the preparation and execution of comprehensive plans, procedures and schedules for completing systems; reviewing and evaluating system and software requirements to insure completeness; performing technical analysis of complete systems and preparing comprehensive system level evaluations; supporting testing analysis and verification of products and services in development or delivered; and participating in team efforts for special projects identified by management.

Nov 2015 - May 2017

Systems Engineer

Mclean, Va, Us

Provide engineering review and analysis of ground-support pressure vessels and systems that are critical to the successful launch of space vehicles under the CSSC II Contract.I carry out ASME Section VIII Division 1, Division 2, and FFS calculations to confirm compliance to ASME, API, and NBIC codes. These calculations involve stress analysis, relief valve sizing, and fatigue life determination.

Nov 2014 - Nov 2015

Undergraduate Research Assistant

Orlando, Fl, Us

Conduct Mechanical Engineering Research in the areas of Creep Modeling and Mechanical Test Frame Design.Developed a reduced-order Kachanov-Rabotnov creep model that would reduce the computational resources necessary to simulate creep.Developed a novel method for determining material constants for the Norton-Bailey creep model using statistics.

Jan 2011 - May 2014
1 education record

David May education

  • University Of Central Florida
    University Of Central Florida
    Mechanical Engineering
FAQ

Frequently asked questions about David May

Quick answers generated from the profile data available on this page.

What company does David May work for?

David May works for TRM Labs.

What is David May's role at TRM Labs?

David May is listed as Senior Security Engineer at TRM Labs.

What is David May's email address?

AeroLeads has found 1 work email signal at @plaid.com for David May at TRM Labs.

Where is David May based?

David May is based in United States while working with TRM Labs.

What companies has David May worked for?

David May has worked for Trm Labs, Plaid, Bishop Fox, Schellman & Company, Llc, and Semanticbits.

How can I contact David May?

You can use AeroLeads to view verified contact signals for David May at TRM Labs, including work email, phone, and LinkedIn data when available.

What schools did David May attend?

David May holds Bachelor Of Science (B.S.M.E), Mechanical Engineering from University Of Central Florida.

What skills is David May known for?

David May is listed with skills including Leadership, Project Management, Project Planning, Research, Systems Engineering, Cyber Security, and Pentesting.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.