(919) 523 - 5654
Talented, versatile technologist with outstanding communication skills. Creative, focused, and deeply committed to quality.
July 2015 - present
Principal Security Engineer
Tested Bitcoin binaries by fuzzing the network protocol, using a custom-built fuzzer built on top of the Defensics SDK.
Performed security research using fuzz testing to locate vulnerabilities in an IoT device and an open source library. Inserted debugger file into the IoT device firmware and performed remote MIPS debugging to analyze failures.
Created articles for the Synopsys Software Integrity blog. Delivered public webinars about software supply chain management.
Trained Synopsys field engineers in newly-acquired Codenomicon technology. Maintained internal knowledge bases and delivered a series of presentations and demonstrations. Created and maintained virtual machines for training and demonstrations using Vagrant and Puppet.
Wrote User Guide for Defensics SDK, a solution for building fuzzers.
August 2011 - July 2015 (acquired by Synopsys)
Principal Security Engineer
Definitively articulated Codenomicon’s vision in articles and videos. Presented at conferences such as Triangle InfoSeCon and BSides Raleigh. Worked on forward-looking innovations with key engineering and management personnel.
Executed proof-of-concept projects to find software vulnerabilities in a variety of targets using fuzz testing with a wide range of protocols and techniques. Targets included industrial controllers, medical devices, network equipment, software packages, printers, and mobile phones. Protocols included IPv4, IPv6, HTTP, TLS, SSH, DIAMETER, SIP, FIX, and Bluetooth.
Analyzed software vulnerabilities using WinDbg, Immunity Debugger, and mona.py. Developed exploit delivery scripts using Python and Ruby and integrated with Metasploit Framework.
Trained test engineers in fuzzing, both in a classroom setting as well as individually.
September 2001 - August 2011
Principal Technical Writer (August 2010 - present)
Wrote developer documentation and code examples for JDK 7 and the Java Tutorial. Topics included multithreaded custom class loaders, the fork/join framework for parallel processing, and security updates related to TLS 1.2. Created documentation, code examples, and a video screencast about a UI decorator component, JLayer.
Created developer documentation for Oracle Java Micro Edition Embedded Client, a CDC Java platform that runs on x86 and ARM devices like the BeagleBoard. Installed platform on BeagleBoard, then worked through application development and installation. Created screencasts for developers.
January 2011 : iOS iPhone Developer (freelance)
Programmed Froot, a simple and addictive game.
Senior Staff Engineer (April 2008 - August 2010)
Lead engineer integrating Sun's high-performance virtual machine with the OCAP RI. Worked with multiple versions of the OCAP stack as well as multiple target platforms, in a complex layered architecture of C and Java code. Built, ran, and debugged code on Linux, Windows, and set-top boxes. Coordinated with other developers, testers, project management, customers, and other vendors.
Lead writer for JavaFX Mobile, a mobile device operating system based on technology acquired from SavaJe. Lead writer for Sun Java Wireless Client, a mobile phone software stack.
Wrote Kicking Butt with MIDP and MSA (January 2008).
Responsible for the documentation for the Java Wireless Toolkit, which has been downloaded by hundreds of thousands of developers worldwide. Rewrote the existing binary release documentation for clarity, flow, and correctness. Learned how to build the toolkit and made enhancements to the source code. Created example applications.
Wrote numerous articles, tutorials and technical tips for Sun's Wireless Developer web site, including a four-part series on cryptography and SSL/TLS.
February 2003 : Author (freelance)
Wrote second edition of Wireless Java: Developing with Java 2, Micro Edition.
June 2000 - August 2001
Director of Courseware Development
Created courseware and taught courses. Oriented courseware around an online store web application. Maintained and expanded a curriculum of over 20 courses.
May 2001 : Author (freelance)
Wrote Wireless Java: Developing with Java 2, Micro Edition.
December 1996 - June 2000
O'Reilly & Associates (now O'Reilly Media)
Staff Technical Writer
Co-authored Learning Java (May 2000). Wrote The Unofficial Guide to LEGO MINDSTORMS Robots (October 1999), Java 2D Graphics (May 1999), and Java Cryptography (April 1998). Co-author of Java Fundamental Classes Reference (May 1997). Updated Exploring Java and Java AWT Reference for Java 1.1.
June 1996 - December 1996
Member of Technical Staff
Designed and built database library for network switch using C++ in a UNIX environment. Wrote documentation and held peer reviews. Taught C++ and Java.
March 1994 - June 1996
Led four developers in the design and implementation of transportation management and planning application. Integrated code from Visual C++ and Natural to build a single client-server application.
Created enterprise logistics application, more than 15,000 lines of C++ Windows code.
June 1989 - September 1989
Member of Technical Staff
Reverse engineered Nintendo Gameboys to enable interactive realtime gameplay over a telephone network. Used an oscilloscope to detect protocol information. Created custom circuitry and assembly language programs to capture and interpret the protocol. Built custom circuits for exchanging information between Gameboys and PCs. Wrote communication software on PCs to relay information over the telephone network.
Certified Ethical Hacker (CEH)
Certified Secure Software Lifecycle Professional (CSSLP)
Utica College: Master of Science in Cybersecurity, expected Spring 2021, GPA 4.0
Princeton University: Bachelor of Science and Engineering cum laude, 1993, GPA 3.5
SAT Math: 780 Verbal: 760; GRE Verbal: 720 Quantitative: 780 Analytical: 800
Bernards High School, Bernardsville, NJ: Valedictorian, 1989; National Merit Scholar
Talented and experienced communicator, both writing and speaking
Languages: Java, C, Objective-C, C++, Python, Ruby, assembly
Platforms: Java, iOS, Android, ARM, Windows, Linux, MacOS, Kali
Special expertise: cryptography, 2D graphics, security testing
Tools: Metasploit, Wireshark, BurpSuite, version control, fuzz testing
Author of She Loves Cheese More Than She Loves Me
Piano, computer music, and composing