SUMMARY
I communicate complex security topics to a wide range of audiences.
I am a security professional driven by a desire to make the information security field more inclusive and humane for those who want in and those who want to stay in, to foster ongoing trust and engagement between security and other teams, and to promote a greater understanding of security with a tone of empowerment rather than fear.
WORK
I’m currently a security engineer on LaunchDarkly’s infrastructure security team. My major areas of focus there have included building out detection engineering, security education, and security operations.
While I’ve spent the bulk of my security career under the umbrella of corporate & infrastructure security, I also spent a year as a technical evangelist at Capsule8, a role that blended technical product marketing/management, sales enablement, and security community evangelism. I drew heavily upon my previous work in security operations and incident response, most notably as a security analyst for Duo Security.
CREDENTIALS
My interest in tackling complex cultural issues led me to earn my BA in gender and women's studies and, years later, my AAS in network security (after rejecting the conventional wisdom "don't quit your day job"). Thanks to being accepted into the second SANS Women's Immersion Academy, I hold the GSEC, GCIH, and GCIA certifications. I do not believe that my degrees or certs should position me as any more or less qualified to be in security. I used the privileges afforded to me and the resources in front of me to forge my best path into security; everyone’s path is unique and valid.
COMMUNITY INVOLVEMENT
In addition to serving as BSidesLV's lockpick village co-lead since 2017, I've spoken at several security conferences. (See my Speaking page for recordings and abstracts.) I have been a mentor for the BSidesLV Proving Ground; I was also a mentor for a SANS Immersion Academy. I love doing CFP reviews, and have served on the review boards of CircleCityCon, fwd:cloudsec, BSidesSATX, and BSidesLV. I’ve been known to volunteer at the occasional CryptoParty, usually leading discussions on passwords and MFA.
ONLINE PRESENCE
Twitter is my current epicenter. Expect cloudsec and zero-trust puns (BeyondPuns?), non-linear thought-meandering with a plethora of parentheses, and the spiciest takes on security that my Wisconsinite-turned-Texan palate can muster. While I’m technically on LinkedIn, I don’t use it as my primary channel of engagement, and I ask that any connection requests include context. For longer-form, I occasionally write on my blog and elsewhere.
All opinions -- and I have a lot of them -- are solely mine.
Email: thesweetkat [at] thesweetkat [dot] com