AeroLeads people directory · profile

Kinnaird Mcquade Email & Phone Number

Chief Security Architect at BeyondTrust
Location: Arlington, Virginia, United States 11 work roles 3 schools
1 work email found @salesforce.com 4 phones found area 703 and 650 LinkedIn matched
✓ Verified Jul 2026 4 data sources Profile completeness 100%

Contact Signals · 1 work email · 4 phones

Work email k****@salesforce.com
Direct phone (703) ***-****
LinkedIn Profile matched
3 free lookups remaining · No credit card
Current company
Role
Chief Security Architect
Location
Arlington, Virginia, United States
Company size

Who is Kinnaird Mcquade? Overview

A concise factual answer block for searchers comparing this professional profile.

Quick answer

Kinnaird Mcquade is listed as Chief Security Architect at BeyondTrust, a with 1710 employees, based in Arlington, Virginia, United States. AeroLeads shows a work email signal at salesforce.com, phone signal with area code 703, 650, and a matched LinkedIn profile for Kinnaird Mcquade.

Kinnaird Mcquade previously worked as Founder/CTO at Nightvision and Staff Security Engineer at Square. Kinnaird Mcquade holds Master Of Science (M.S.), Cybersecurity from Marymount University.

Company email context

Email format at BeyondTrust

This section adds company-level context without repeating Kinnaird Mcquade's masked contact details.

{first_initial}{last}@salesforce.com
86% confidence

AeroLeads found 1 current-domain work email signal for Kinnaird Mcquade. Compare company email patterns before reaching out.

Profile bio

About Kinnaird Mcquade

Founder and CTO at NightVision. NV provides security testing that doesn't suck. NightVision scans the code base before simulating attacks with DAST, looking for AppSec vulnerabilities like the OWASP Top 10. This allows NV to identify vulnerabilities that other tools can't see.My personal background: Before NightVision, I worked as a Lead Security Engineer at Square, where I led their cloud vulnerability management program in response to Log4j. Before Square, I was a Lead Security Engineer at Salesforce, where I published multiple open source security tools with 30+ million total downloads. I was also the Cloud Security Consulting Practice Lead at Synopsys, one of the top AppSec firms. At Synopsys, I was honored to advise clients, mostly Fortune 500 companies, on how to design, build, and scale their application security programs. I've been focusing on automating security activities my whole career.I've hacked casinos, cars, hotels, and banks - but I honestly feel like automating the crap out of security testing and giving developers the ability to perform AppSec testing themselves is the way of the future. Automation is the key to buy down risk at scale. If you feel the same, send me a connection request! Always happy to talk shop.

Listed skills include Public Speaking, Teaching, Violin, Research, and 14 others.

Current workplace

Kinnaird Mcquade's current company

Company context helps verify the profile and gives searchers a useful next step.

BeyondTrust
Beyondtrust
Chief Security Architect
Arlington, VA, US
Website
Employees
1710
AeroLeads page
11 roles

Kinnaird Mcquade work experience

A career timeline built from the work history available for this profile.

Chief Security Architect

Arlington, Va, Us

Founder/Cto

Current

Bradenton, Fl, Us

NightVision provides security testing that doesn't suck. NightVision scans the code base before simulating attacks with DAST, looking for AppSec vulnerabilities like the OWASP Top 10. This allows NV to identify vulnerabilities that other tools can't see.https://nightvision.net

Aug 2022 - Present

Staff Security Engineer

San Francisco, Ca, Us

Designed, architected, and built Square's Vulnerability Management solution in Cloud in response to the Log4j incident. Led a team of engineers to implement and roll out a fully automated customized solution. Solution offered deduplication of results, false positive filtering, and a new and more efficient way of attributing security bugs internally. Impact included full coverage across Square's cloud environments, giving lasting customer impact.Led a few penetration tests with the Red Team focusing on my specialty areas.Log4j PTSD.

Nov 2021 - Aug 2022

Lead Security Engineer

San Francisco, California, Us

- Dynamic Application Security Testing (DAST): Lead for Salesforce Security Assurance’s DAST Scanning strategy. Helped design enterprise architecture and built proof of concepts for our key DAST capabilities. Worked with stakeholders to build the work into their team’s strategy, wrote proof of concept code and architectures to align on technical details. Built a prototype DAST Solution that scans thousands of web apps from AWS in 15 minutes and scales out horizontally to rapidly scan the entire external web app perimeter rapidly, regularly, and for relatively low cost.- Azure Security Guardrails: Built a Python-based command line tool within a 4-week timeframe that allows engineers to deploy Azure infrastructure without known security misconfiguration weaknesses (e.g., unencrypted resources, overbroad security group rules, etc.). The tool generates Terraform that creates Azure Policies to apply 400+ security guardrails across our environment. open sourced the tool, designed and implemented the rollout, exception management, and governance strategy. These security guardrails are applied to 100% of Salesforce’s Azure environment.- Security Assurance Lead for Microsoft Azure: Lead for Salesforce’s Microsoft Azure security assurance strategy. Worked with 50+ service teams on their design at the early stages of the design process. Socialized the design, context, and security concerns across multiple business units. Detailed project specifications to fix systemic security issues that would arise after extensive time in the environment.- Terraform Static Analysis: Built Assurance-as-Code framework using Open Policy Agent and conftest to validate Terraform plans automatically at deployment time. Worked with control owner teams to build out rules corresponding to their security controls. Built out 50% of the initial rulesets in AWS. This now evaluates 100% of Terraform code applied to all Salesforce AWS accounts.

Jun 2019 - Nov 2021

Cloud Security Practice Lead

Mountain View, California, Us

Tripled revenue from previous year within one quarter of leadership. Aligned executive decision makers and technical leads on practice direction and strategy. Presented to 150+ business stakeholders (client managers) on several occasions to drive business and technical strategy.Top Project - Automating Continuous Security Testing:- Built an Automated Application Security Testing Library - a Jenkins Shared Library that performs various AppSec activities (DAST, SAST, SCA, report delivery, automated issue tracking, metrics aggregation) and allows developers or administrators to configure or toggle testing in a YAML file. Allows clients to start automating their continuous security testing within 30 days. Integrations included both commercial and open source tools. Built training and documentation to support consultants deploying solution for clients. Evangelized the solution and piloted with clients successfully.

Aug 2018 - May 2019

Senior Security Consultant

Mountain View, California, Us

Top Project: HashiCorp Vault (Top 3 Worldwide Hotel Chain)Single person responsible for HashiCorp Vault deployment at a Top 3 Worldwide Hotel chain. Developed Infrastructure as Code (Terraform, Packer, Ansible, Bash) for automated and secure deployments of HashiCorp Vault. Built CI/CD pipeline for deploying the Terraform code for Vault and supporting infrastructure. Built a secure and CIS Benchmark Compliant OS Golden Image (CentOS) and deployed the CentOS golden image across 100% of the client’s cloud environment. Developed example code to evangelize Vault usage among developers and onboarded service teams to use it. The Vault deployment, Infrastructure as Code pipeline, and CentOS Golden images are still in use today, 3+ years later.

Nov 2017 - May 2019

Security Consultant

Mountain View, California, Us

Example Engagements listed below.- Web Application Penetration Testing - Online Casino: Reported successful exploits such as XML Injection, SQL Injection, Vertical + Horizontal Privilege Escalation, Cross-Site Scripting, various Session Management exploits, various Cryptography weaknesses, and platform-specific vulnerabilities.- Azure Security Baseline Development - Top 5 US Bank: Formulated Azure Security Baselines to establish technical controls specific to Azure, in the style of hardening guides. At this time, Azure CIS Benchmarks and other standards did not exist so we had to write our own. Interfaced directly with stakeholders and technical personnel to establish and refine the baselines to meet business requirements without compromising on security standards.- Threat Modeling - Cloud Hardware Provider: Performed a threat modeling assessment for a client that revealed a number of significant flaws within the architecture of the hardware system and its interaction with various communication protocols. The proprietary system is now used as part of the on-premises component in a hybrid cloud stack. Compiled a custom report as the deliverable for this engagement, after interviewing various members of the client’s team to identify assets, threats, trust zones, potential attack vectors, and existing security controls in the system.

Dec 2016 - Oct 2017

Associate Security Consultant

Dulles, Va, Us

Technical Assessments:- Threat Modeling and Architecture Security Analysis: Performed Architecture Security Analysis and Threat Modeling for a Fortune 100 company; identified vulnerabilities in internal and vendor applications in design phase and in production. Reports focused on Authentication, Authorization, Auditing, Logging, Data In-transit and at-rest, Input Validation, Session Management, Cloud Infrastructure/Architecture, and Mobile Infrastructure/Architecture.- Web Application Penetration Testing: Performed Manual Penetration Testing on Web Applications. Worked with Burp Suite Pro, sslyze, sslscan, Nmap, and other tools.- Secure Code Review: Performed Secure Code Review by utilizing Points of Interest, tracking data flow in an IDE, & identifying insecure configs or missing methods that lead to software vulnerabilities. For example: dynamic SQL queries instead of parameterized queries, deny-listing instead of output encoding, data sanitization, & allow-listing, etc.Soft Skills:• Used Written communication skills on a regular basis to prepare formal documentation for clients• Authored White Papers and Blog Posts for Marketing on Security Best Practices in AWS and other topics• Developed report templates, risk write-up repositories, and threat modeling questionnaires to improve delivery time for team members, which led to a measurable reduction in case completion time without a compromise in qualityConsulting Skills:• Worked with the client’s business stakeholders on a regular basis to explain: security standards, the importance of implementing security controls to mitigate risks, and the business risks associated with each technical vulnerability.

Sep 2015 - Nov 2016

Security Consultant

Technical Assessments:• Performed security audits and penetration testing to evaluate initial security stature.Policy and Compliance Work:• Wrote a 30 page company-wide security policy viewable to all employees and a 20 page security policy for IT system administrators.Consulting Skills:• Worked with small business clients to write and implement new security policies.• Met with the CEOs of client companies to explain security risks and negotiate contracts for upgrading systems for optimal security and implementing new security policy.

Sep 2014 - Sep 2015

Researcher

Arlington, Va, Us

Technical Skills and Training:Manual Web Application Testing; open source and proprietary Dynamic Web Vulnerability Scanners; Reconnaissance tools; Exploitation frameworks; Anti-Virus Evasion techniques; Secure Coding techniques; Cross site scripting; OWASP Top 10 (concepts, coding standards, testing techniques).Technologies: Worked with: Metasploit/Armitage; BeEF Web Exploitation Framework; OWASP Broken Web Applications; Burp Suite Proxy, Spider, Scanner, Intruder, and Repeater; OWASP Zed Attack Proxy; IRONWASP; Arachni; w3af; Acunetix Web Vulnerability Scanner; HP WebInspect; IBM AppScan; Nessus.Research: Investigated and evaluated both open source and proprietary dynamic web vulnerability scanners, worked with the OWASP Broken Web Applications virtual server to evaluate the differences in detection accuracy, usability, and cost-effectiveness of open source and proprietary dynamic web vulnerability scanners.Publication: Produced a cost-benefit analysis on these various tools and submitted research results to various information security conferences.Conferences: Presented research at the Conference on Information Systems Applied Research (CONISAR) in Baltimore, MD.

May 2014 - Sep 2014

Private Music Teacher (Violin/Viola)

Private Teacher: Instructed 40 students over the course of 6 years in violin and viola. Improved customer service skills, account management, gauging customer satisfaction. Refined teaching methods to suit each individual student, catering to their own strengths and needs. Pursued this career concurrently with full-time school.String Quartet Performer: Performed in 30+ weddings, 10 funerals, and several corporate events. Performed in venues such as the Supreme Court, the National Restaurant Association annual convention, the Australian Embassy in Washington, D.C., the Canadian Embassy in Washington, D.C., the National Counterterrorism Center, and many others.

Jan 2007 - Dec 2013
Team & coworkers

Colleagues at BeyondTrust

Other employees you can reach at beyondtrust.com. View company contacts for 1710 employees →

3 education records

Kinnaird Mcquade education

Master Of Science (M.S.), Cybersecurity

Marymount University

Bachelor Of Science (B.S.), Information Technology

Marymount University

Associate Of Science (A.S.), Computer Science

Northern Virginia Community College
FAQ

Frequently asked questions about Kinnaird Mcquade

Quick answers generated from the profile data available on this page.

What company does Kinnaird Mcquade work for?

Kinnaird Mcquade works for BeyondTrust.

What is Kinnaird Mcquade's role at BeyondTrust?

Kinnaird Mcquade is listed as Chief Security Architect at BeyondTrust.

What is Kinnaird Mcquade's email address?

AeroLeads has found 1 work email signal at @salesforce.com for Kinnaird Mcquade at BeyondTrust.

What is Kinnaird Mcquade's phone number?

AeroLeads has found 4 phone signal(s) with area code 703, 650 for Kinnaird Mcquade at BeyondTrust.

Where is Kinnaird Mcquade based?

Kinnaird Mcquade is based in Arlington, Virginia, United States while working with BeyondTrust.

What companies has Kinnaird Mcquade worked for?

Kinnaird Mcquade has worked for Beyondtrust, Nightvision, Square, Salesforce, and Synopsys Software Integrity.

Who are Kinnaird Mcquade's colleagues at BeyondTrust?

Kinnaird Mcquade's colleagues at BeyondTrust include Chulhyun Han, Joseph Sordillo, Chris Lantz, Manoj Mn, and James Fuda.

How can I contact Kinnaird Mcquade?

You can use AeroLeads to view verified contact signals for Kinnaird Mcquade at BeyondTrust, including work email, phone, and LinkedIn data when available.

What schools did Kinnaird Mcquade attend?

Kinnaird Mcquade holds Master Of Science (M.S.), Cybersecurity from Marymount University.

What skills is Kinnaird Mcquade known for?

Kinnaird Mcquade is listed with skills including Public Speaking, Teaching, Violin, Research, Penetration Testing, Leadership, Application Security, and Amazon Web Services.

Find 750M verified contacts

Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.