My name is Ben. I am a Staff-level Security Engineer and Technical Lead with 15+ years of experience designing, building, and operating security systems at scale.
I specialize in translating ambiguous business and product goals—such as Zero Trust adoption, enterprise identity, and large-scale automation—into concrete, production-grade security architectures.
I’m a hands-on security engineer who writes and reviews production code (primarily Go and Python), architecting systems across endpoint security, identity and access management (IAM), cloud infrastructure, and detection platforms.
I have led organization-wide initiatives spanning tens of thousands of assets, partnered closely with product, platform, and IT teams, and served as a trusted technical authority during high-impact security incidents.
My background is broad and deep across computer networking, systems administration, cloud computing, software development, and DevSecOps, with experience across both offensive and defensive security domains.
I believe automation is critical to security: reducing manual overhead, improving consistency, and enabling scalable controls and response across large fleets.
I primarily program in Go and Python, and also regularly use Bash. I work heavily with APIs and distributed systems patterns (REST/gRPC, protobuf, JSON/YAML), and have experience with additional languages such as C, PHP, Ruby, and JavaScript.
I am a big fan of Linux and FOSS in general, and enjoy building durable security tooling—from high-concurrency services to automation “glue,” to infrastructure and configuration as code (IaC).
My work commonly centers around enterprise endpoint security and fleet hardening, Zero Trust architecture, identity and access management, security automation/DevSecOps, detection engineering, and building security platforms that operate reliably at scale.
I also enjoy technical leadership: mentoring engineers, raising engineering standards, guiding architectural decision-making, and delivering durable, business-aligned outcomes.
I hold a B.S. degree in Information Technology with a major in Information Systems Security.
I have earned industry certifications, including CISSP, OSCP, CEH, and Security+.
I am currently a Staff Security Engineer on the Security Engineering team at Aurora Innovation, where I operate as a Technical Lead responsible for defining and executing enterprise security strategy across client endpoints, corporate SaaS, internal infrastructure and networks, and identity and access management (IAM).
I translate ambiguous, high-level business and product goals—such as AI adoption and Zero Trust implementation—into concrete, scalable, production-grade security architectures.
Highlights include architecting and leading an enterprise-wide Zero Trust device trust platform, establishing a unified model for device identity, compliance, and authentication:
I also led Client Platform Engineering and enterprise device security programs, including tooling selection, system design and deployment, and the automation of device provisioning, hardening standards, and detection/response procedures (including a custom Puppet implementation running on EKS with custom ENC and node terminus components for scalable device orchestration).
Previously, I was a Senior Security Engineer at Slack (Slack/Salesforce) on the Security Customer Protection team, in a hybrid role spanning security engineering, detection development, threat hunting, incident response, and tooling.
A notable project was architecting and building a hyper-scalable malware scanning service that processes all customer file uploads (Go, YARA, Docker, Kubernetes, AWS), significantly improving detection coverage and platform abuse prevention.
I also designed and implemented a highly scalable osquery backend (Python, Flask, AWS) enabling consistent endpoint visibility and query execution across the fleet, and contributed to large-scale detection and investigation workflows (including Splunk onboarding, data normalization, and reusable investigation notebooks).
Before Slack, I was a Senior Security Operations Engineer at Sony Interactive Entertainment / PlayStation, supporting security and DevSecOps efforts across a large hybrid environment spanning on-prem data centers and AWS.
My work included cloud security engineering and integrations with platforms such as Splunk ES, Evident.io, CloudPassage, and HashiCorp Vault; automation-first security processes; and compliance solutions for large cloud environments using containerized and microservice-based architectures.
Earlier in my career, I worked at ViaWest (since acquired and rebranded as Flexential / Peak 10) in multiple roles, including Senior Security Engineer, helping build and operate PCI- and HIPAA-compliant environments and foundational security programs (vulnerability management, incident response processes, SOC enablement, and security product capabilities).
I also worked for Managed Security Service Provider (MSSP) GBprotect (now Nuspire), and for regional ISP / CLEC Microtech-Tel (now OTAVA).
Feel free to contact me on LinkedIn, with the exception of unsolicited sales pitches, which I will promptly ignore.
You can also catch me annually at Hacker Summer Camp (often including BSidesLV as well).