* Reviewed cryptographic designs and code* Assisted internal penetration testers with engagements and designing mitigations

ACS Security Assurance* Conducted design reviews* Assisted internal red team with reviews and cryptographic exploits* Reviewed cryptographic designs/code from across the company* Member of the task force preparing for post-quantum cryptography* Member of the review board maintaining Apple's trust list for root CAs* Implemented cryptographic code to assist developers

Security Engineer for AWS Crypto Tools:* Design, review. and implement cryptographic libraries including:** AWS Encryption SDK** DynamoDB Encryption Client** Amazon Corretto Crypto Provider* Member of Crypto Bar Raisers (group of cryptographic SME to review design and implementations across the company)** Custom crypto designs/implementations for internal use** Review designs and implementations** Consult with teams to determine best solutions (even if this results in not needing cryptography)* Design and develop internal tools to make cryptography easier for developers* Primary resource for s2n cryptography questions and review* Coordination with external penetration testers* Numerous roles within Amazon's publicly trusted root CAEmbedded Security Engineer on AWS KMS:* Detailed security analysis* Cryptographic analysis, design, and implementation* Code reviews* Software Development* Process (both operational and security) Design* Threat Modeling* Feature & Service Design* Mentoring Junior EngineersApplication Security Engineer:* Design Reviews* Code Reviews* Threat Modeling* Developer Support* Incident Response* Penetration Test Coordination* Mentoring Junior Engineers

Technical support to both users and moderators. Patch and feature development. Managing moderators. Final arbiter for disputes between players, between staff, and between players and staff. Drafting moderation policy.

Developer on Google Cloud Storage. Implemented RSA signature verification as a replacement for HMAC to support move to OAuth2. Also implemented data life-cycle management.

Security analysis and support to the developer community of Amazon. Detailed threat-modeling and mitigation for EC2 including launch of Windows instances.DoS incident response.Strategic guidance for security in EC2.Designed and implemented automated abuse detection and mitigation.Designed and implemented authentication & auditing solutions.Worked with junior developers to help integrate them into Amazon culture and standards.Work related to PCI/DSS (and other standards) compliance efforts.

Developed the Amazon Unbox / Amazon Instant Video downloadable video product. Designed and implemented webservices in Java, Perl, and C#. Developed the client in C# and C++. As lead-engineer (services) oversaw development of the services architecture and design of new services. Integrated service with TiVo.

Custom Delphi development on both job-management software for a print-shop and a web interface to an existing database application.