Product Security Engineer Aug 2017 - Present I’m currently focusing on security for Tableau Online, Public, and other customer-facing, production services.
• Wrote a “state of the union” security six pager reviewd by C- and VP-level executives that was used as the foundation for creating the Tableau Online security program, driving security work across a diverse group of service owners and internal advisory groups
• Defined and implemented logging standards across a diverse fleet to drive incident response.
• Built a static analysis tool for Terraform to identify security issues in the CI/CD pipeline.
Information Security Engineer Dec 2014 - Aug 2017 Within Tableau’s Information Security team, I was responsible for the operational aspects of the InfoSec security program. I primarily worked with the teams running our corporate and customer-facing systems to ensure they are adequately secured, and also responded to security incidents.
• Redesigned and implemented the corporate Public Key Infrastructure (PKI)
• Managed the corporate single sign-on identity platform
• Defined standards for secure cloud usage across the company
• Defined the security consulting practice and risk tracking process for my team.
EC2 Security Engineer October 2012 - Nov 2014 As a security engineer for one of the largest cloud providers in the world, I was responsible for improving our incident response capability, developing projects to make EC2 more secure for our customers, and acting as the EC2 point of contact for the AWS compliance team. I’ve learned to build scale into every process, automating relentlessly.
• Represent the EC2 technical controls in 4 SOC 1 audits and 2 PCI audits with zero findings
• Built and automated a process for the monthly review of privileged commands run by EC2 engineers
• Learned and taught my team new log diving techniques leveraging AWS services like Apache Pig scripts running on Elastic MapReduce to gain further insight into our environment and to improve our incident response times
• Committed over 60,000 lines of Ruby code to automate common incident response, reporting, and abuse tasks
• Lead calls for security events, working with other service teams to root cause and remediate security vulnerabilities, and drive roadmaps to improve security controls
Security Consultant Aug 2010 - Sept 2012
Working within Accenture’s Security practice, specifically focusing on Identity and Access Management, I’ve spent the past two years designing and implementing enterprise-wide technologies as part of a small group working with a civilian federal department. Through my time with Accenture, I’ve learned how to quickly learn and apply security technologies to meet the business and compliance needs of a large organization.
IT Manager May 2009 - June 2010
My role entailed researching, recommending, and implementing technical tools that promote the goals of WATER, an online academic journal. This includes publishing and file collaboration software, as well as maintaining the webite via its backend configuration (LAMP stack) and PHP-based CMS (Joomla!). My responsibilities then expanded to include developing a website that helps the laboratory that hosts the Journal promote itself while encouraging staff communication and collaboration.
Braxton Ehle — firstname.lastname@example.org —