I lead the Trust org at Brex, which consists of several Security engineering teams and GRC.- Security @ Brex, which not only consists of the traditional infrastructure/application/corporate security teams, but also the software engineering teams responsible for developing security features in the Brex Product. We seek to inspire audience trust by providing a secure environment for Brex customers and staff, regardless of location, where the default way is the easiest and most secure.- GRC matures Brex’s Trust posture, maintains global compliance, optimizes security practices, and mitigates enterprise risk, thus instilling trust with our customers.Overall, the Security org ensures Brex is able to securely scale and grow, while still protecting customers and their data.

I led all of Security @ Brex, which not only consists of the traditional infrastructure/application/corporate security teams, but also the software engineering teams responsible for developing security features in the Brex Product. We seek to inspire audience trust by providing a secure environment for Brex customers and staff, regardless of location, where the default way is the easiest and most secure. Overall, the Security org ensures Brex is able to securely scale and grow, while still protecting customers and their data.

ConductorOne, Hurree, MoveTru, OsoHQ, Phoenix Security, Resourcely, Vaultree,

Advisor on the design, architecture and implementation of an Information Security & Privacy Program

Senior Director - Head of Security & ITKey Results: - Developed a Security & IT program from scratch - Created a foundational data privacy policy for customer data- Owned Identity Access Management for all internal and external Subspace services - Embedded security into the engineering org and their dev workflows

I owned the vision and strategy for InfoSec @ Riot, leading Product & Tech for the Security department @ Riot Games.I led 55 people across:- CorpSec, AppSec, Platform Security, Anti-Cheat, Risk & Review, Data Privacy & Security OperationsKey Results: - Implemented a security program that included starting an AppSec team, vulnerability management, security review process and bug bounty program from scratch- Brought the security team fully into the Engineering organisation(e.g Cloud Inquisitor @ ReInvent 2017; KeyConjurer @ Re:Inforce 2019)- Developed and integrated a security checklist into the full game lifecycle-Converted security policies into pseudocode within the internal RFC process- Led the Anti-Cheat team to develop Packman and Vanguard, which ensure game integrity and security, for League of Legends and ValorantResponsibilities included:- Building and improving the Information Security program at Riot through setting the vision and being accountable for the execution of said vision- Socializing security and building security into processes through the org- Close collaboration with product to integrate security frictionlessly into Riot's products and games throughout the lifecycle- Leading and mentoring Rioters across the org

I was the Head of Player Security @ Riot, which meant I was accountable for player trust and the player experience being secure. Player Security consisted of Platform & Cloud Security, as well as Anti-Cheat (covering the integrity of all Riot's games).I worked across many areas ranging from our game infrastructure to some magical stuff in the cloud and onto Layer 8 (as a people manager) with some DFiR thrown in for good measure.

As the first security hire in Europe and an Engineering Manager in Dublin, I had the privilege of building an InfoSec team from scratch.Those team members went on to lead AppSec, InfraSec, Corporate Security and Bug Bounty for Riot worldwid, from remote offices.Wearing many hats is typical at Riot, such that most of my time is as a Product Owner for a bunch of stuff within InfoSec @ Riot ranging from corporate security to network infrastructure and some magical stuff in the cloud. This role involved working with the team to come up with a roadmap, focusing on the biggest impact for our players,and subsequently driving together towards execution.I led a strike force (containing folks from multiple teams) to combat the DDOS challenges that League of Legends was facing from frustrated players and groups such as Derp Trolling and Lizard Squad. This work ultimately resulted in the creation of Riot Direct.

In 2009, I created and designed HackEire, Ireland's first Ethical Hacking contest. We built, organised and successfully held HackEire 2009 in Dublin, Ireland, at IrissCon. The contest was free to enter and was clearly a great success.HackEire 2010 was held at the second #IRISSCon conference, on November 19th 2010, in Dublin. This year there were even more entries and the HackEire network was developed further such that the game itself was clearly more complex and varied. Consequently, the competitors faced challenges that they were not necessary familiar with and undoubtedly developed their skills further!HackEire 2011 took the game to another level :)

As part of the new 10gen EMEA Tech Support team, I - work on MongoDB- resolve issues for customers worldwide- support those same customers through pre, post and during implementation- help grow MongoDB in the community through presentations, site visits, conferences and getting out there- do some packaging/build work- have become the "security guy", which has been awesome :)See the following links for more precise details:- http://blog.markofu.com/2012/07/being-support-engineer-10gen-part-1.html- http://blog.markofu.com/2012/10/being-support-engineer-10gen-part-2.html

I led the EMEA Networking TRM team, mentoring younger team members and essentially I sort out the 'crap' for the 'big' Citrix Networking customers in EMEA & NA. I The job was very much technical, with problems covering all layers from 2 to 7, alongside a good dose of relationship management. As I always ensured that the needs of my customers are looked after, my customers come to me also for all pre-sales enquiries and POCs :)From a technical perspective, it was a "deep dive" into TCP (buffering, window size/scaling, options, congestion/flow control), HTTP (headers, latency, caching, compression, Apache, IIS, Layer 7 security), SSL (Offload, TPS, VPN), SQL (MySQL & MS), Load Balancing, dump analysis (gdb), system & flow analysis (packet captures, log files & reporting tools), WAN Optimisation, Security and a bit of scripting (perl, awk, NS Regex Engine & bash)....blah, blah,blah! I am the single point of contact for all technical issues for my customers.On the relationship side, I ensured that my Citrix Networking TRM customers were happy, with their issues being quickly resolved and receiving the appropriate level of attention within Citrix. With me as their TRM, my customers remained as Citrix customers and in all cases, bought more product.My customers were typically cutting edge and involved in our pre-beta programmes, meaning that I got to play with Netscaler technology long before public release. Not only did I learn from playing with bleeding-edge technology but I established a very constructive relationship with Engineering and Product Management such that I had input into new features :)Additionally, I regularly wrote KB articles for Citrix on many technical issues and regularly gave technical webinars on various technical topics such as caching, load-balancing, security and nuances in the product.

Founding MemberVolunteer Incident Handler at Ireland's first CSIRT.Responding to security incidents experienced by Irish SMEs and alerting those companies to new vulnerabilities.Founding member also of the accompanying security conference.

Team Lead for the AIB Internet Infrastructure Security team.I designed, built, managed and secured the AIB Internet Infrastructure from which AIB provides Internet Services to internal and external customers.

Progressed from graduate to senior SE at AIB, where I am esponsible for the design, build, implementation,support and security of the AIB Internet Infrastructure.