Shannon Lietz – Intuit Shannon
Lietz, DevSecOps Leader at Intuit, is an award-winning innovator with over two decades of experience pursuing advanced security defenses and next generation security solutions. Ms. Lietz is responsible for setting and driving Intuit’s DevSecOps and cloud security strategy, roadmap and implementation in support of corporate innovation. She operates a 24×7 DevSecOps team that specializes in Adversary Management. Prior to joining Intuit, Ms. Lietz worked for ServiceNow where she was responsible for the cloud security engineering efforts and Sony where she drove the implementation of a new secure data center. Ms. Lietz has significant experience leading crisis management large-scale security breaches and restoration of services for several Fortune 500 companies. She has previous experience as a founder a metrics company, leading major initiatives for hosting providers as a Master Security Architect, developing security software and consulting for many Fortune 500 companies globally. Ms. Lietz is an IANS faculty member and holds a Bachelors of Science degree in Biological Sciences from Mount St. Mary’s College.
James Wickett – Signal Sciences
Currently working as the Head of Research at Signal Sciences, which is trusted by the world’s leading companies for our next-gen WAF and RASP to protect web applications, APIs and microservices. At several companies I have built out complete deploy pipelines from code commit to running in production using a mix of tooling and testing. Because of this, a lot of my research and time has been spent focused on the intersection of traditional Information Security and DevOps. There is a unique opportunity for security to matter again within the organization and my background of operations and security shapes my perspective in the belief.
Ernest Mueller – AT&T Cybersecurity
Ernest Mueller is director of engineering operations at AT&T Cybersecurity (formerly AlienVault,). He is active in the DevOps movement, helped found the Austin chapter of OWASP, and organizes both CloudAustin and the Agile Austin DevOps SIG. Ernest is also an organizer for the annual DevOpsDays Austin conference. He blogs with a cadre of like-thinking professionals at theagileadmin.com.
John Willis – Botchagalupe Technologies
John Willis has worked in the IT management industry for more than 35 years. Currently he is Vice President of DevOps and Digital Practices at SJ Technologies. He was formerly Director of Ecosystem Development at Docker. Prior to Docker, Willis was the VP of Solutions for Socketplane (sold to Docker) and Enstratius (sold to Dell). Prior to to Socketplane and Enstratius, Willis was the VP of Training and Services at Opscode, where he formalized the training, evangelism, and professional services functions at the firm. Willis also founded Gulf Breeze Software, an award-winning IBM business partner, which specializes in deploying Tivoli technology for the enterprise. Willis has authored six IBM Redbooks on enterprise systems management and was the founder and chief architect at Chain Bridge Systems.
Alexandra Shulman-Peleg – Citi
Alexandra Shulman-Peleg, Ph.D., is a Senior Vice President leading Citi’s Cloud platforms security engineering and the Global Information Security Cloud program. In her role, she is responsible for building the Cloud and Container security solutions as well as their processes and architectures. She previously led Cloud security at IBM Cyber Security Center of Excellence and IBM Haifa Research Labs. She holds Ph.D., M.Sc. degrees in Computer Science from Tel-Aviv University, having multiple patents as well as more than 30 scientific publications with thousands of citations.
Chenxi Wang – Rain Capital
Dr. Chenxi Wang is the founder and General Partner of Rain Capital, a Cyber focused venture fund. A well-known strategist, speaker, and technologist in the Cybersecurity industry, Dr. Wang also serves as Vice Chair on the Board of Directors for the OWASP foundation, mentor for SparkLabs’ Cyber accelerator, as well as strategic advisor to various security startups. Previously, Chenxi was Chief Strategy Officer at Twistlock and responsible for building Twistlock’s brand and business from zero to the leader in the segment. Chenxi was named by SC Magazine a 2016 Women of Influence, and served as the program chair (Security & Privacy) for the 2016 and 2017 Grace Hopper Conference. Chenxi’s career began as a faculty member at Carnegie Mellon University, followed by VP of Research at Forrester Research and several industry executive roles including VP of strategy at Intel Security. At Forrester, Chenxi wrote many hard-hitting research papers. At Intel Security, she led the ubiquity strategy that spans both hardware and software platforms. Chenxi is a trusted advisor to IT executives and a sought-after speaker. She has keynoted events worldwide and been featured by top media outlets. Chenxi holds a Ph.D. in Computer Science from the University of Virginia.
Larry Maccherone – Comcast
Larry Maccherone is an industry-recognized thought leader on DevSecOps, Lean/Agile, and Analytics. He currently leads the DevSecOps transformation at Comcast. Previously, Larry led the insights product line at Rally Software where he published the largest ever study correlating development team practices with performance. Before Rally, Larry worked at Carnegie Mellon with the Software Engineering Institute (SEI) and CyLab for seven years conducting research on cybersecurity and software engineering. While there, he co-led the launch of the DHS-funded Build-Security-In initiative. He has also served as Principal Investigator for the NSA’s Code Assessment Methodology Project, on the Advisory Board for IARPA’s STONESOUP program, and as the Department of Energy’s Los Alamos National Labs Fellow.
Courtney Kissler – Nike
Courtney is the Vice President of Digital Platform Engineering at Nike and leads all elements of powering the Nike Direct Consumer experience, with a re-usable, seamless platform. Her teams are focusing on core commerce services (browse, search, checkout, payment, launch, inventory, fulfillment), user services (login, profile, identity, notifications), consumer data engineering, personalization, content ecosystem (authoring, creation, digital assets, workflow) member services and global retail solutions. Prior to joining Nike, Courtney was the VP of Retail Technology at Starbucks where she was responsible for the global POS and retail store technology experiences. Before Starbucks, Courtney was the Vice President of E-Commerce and Store technologies at Nordstrom, where she led a transformation essential for outpacing the demands of today’s Omnichannel consumers. Her responsibilities included program management, delivery, and support for all customer facing technologies which also included in-store, Web, and mobile touch points. Courtney joined Nordstrom as a security engineer in 2002 and held increasingly senior leadership roles across the technology organization. She began her career in technology start-ups including CyberSafe and WorldStream, Courtney holds a B.S in Computer Information Systems from Eastern Washington University.
DJ Schleen – Aetna/CVS
DJ is a DevSecOps Evangelist and Security Architect at a large healthcare organization, where he provides DevSecOps thought leadership throughout their journey of cultural revolution, digital transformation and containerization. He specializes in automating security controls in DevOps environments and is a hacker by training – doing significant R&D work in Moving Target Defense, Mobile Security, Ethical Hacking, and Penetration Testing. As an expert in Application Lifecycle Management (ALM) and ITIL, DJ has worked to streamline development pipelines for many Fortune 100 organizations by focusing on people and process. He is an active speaker, instructor, blogger and author in the growing DevSecOps community where he encourages organizations to deeply integrate a culture of Security into everything they produce.
Poornaprajna Udupi – Lyra Health
Poornaprajna is currently the CISO at Lyra Health, responsible for Security, Compliance, Cloud Infrastructure, IT and facilities. Previously, he managed product and application security at Netflix, developed scalable, multi-tier, web systems for cloud security and API development. Poornaprajna holds an MS (Computer Science) from UCSD and an Advanced Computer Security Professional Certificate from Stanford.
Omar Khawaja – Healthmark
Omar has spent 15+ years developing and managing security solutions for startups, service providers, consulting firms and enterprises. He is currently CISO at Highmark Health, an $18 billion integrated health care delivery and financing system, employing 40,000 and serving 50 million Americans. Prior to Highmark, he was at Verizon Enterprise Solutions, where he was responsible for a portfolio of security solutions with customers in 72 countries. Omar currently serves on the boards of HITRUST and Action Housing; on the Governing Body of Evanta; on the CISO Workgroup of BCBSA; and adjunct faculty for the CISO program at Carnegie Mellon University. Omar’s certifications include CPHIMS, CISSP, FAIR Risk and CCSK. He has a BS in Electrical Engineering from Georgia Tech and an MBA from Darden School of Business at the University of Virginia.
Anne Marie Zettlemoyer – Mastercard
Anne Marie Zettlemoyer is a cyber strategist with over 19 years of experience in 8 industries. Sitting at the intersection of business, security, and analytics, Anne Marie has served as a trusted advisor for Fortune 500 companies, government agencies, law enforcement, security vendors, and think tanks. She is a Vice President of Security Engineering at Mastercard, a member of the Board of Directors for SSH Security, a visiting National Security Institute Fellow at GMU’s Scalia Law School, and has held a number of strategic and technical security leadership roles including the Head of Security Architecture, Engineering, and Solutions at Freddie Mac, Director of the Cyber Think Tank at Capital One, Director of Business Analytics at FireEye, and Special Advisor for the Director of the US Secret Service. In addition to CISSP and CeH certifications, Anne Marie holds an MBA from the University of Michigan-Ann Arbor as well as undergraduate degrees in both Accounting and Finance.
Chris Roberts – Attivo
Chris founded or worked with a number of companies specializing in DarkNet research, intelligence gathering, cryptography, deception technologies, and providers of security services and threat intelligence. Since the late 90s, Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against cyber attack. As one of the well-known hackers and researchers, Chris is routinely invited to speak at industry conferences. CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, Wall Street Journal, and numerous others. And worst case, to jog the memory, Chris was the researcher who gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that could have allowed the exploitation of attacks against flight control system.
Hasan Yasar – CMU
Hasan Yasar is the technical manager of the Secure Lifecycle Solutions Group in the SEI’s CERT Division. His group focuses on software development processes and methodologies, specifically on DevOps and development, and researches advanced image analysis, cloud technologies, and big data problems. It also provides expertise and guidance to SEI’s clients. Yasar has more than 25 years’ experience as senior security engineer, software engineer, software architect, and manager in all phases of secure software development and information modeling processes. Hasan has an extensive knowledge of current software tools and techniques. He is also specializes in secure software solutions design and development in the cybersecurity domain, including data-driven investigation and collaborative incident management, network security assessment, automated, large-scale malware triage/analysis, medical records management, accounting, simulation systems, and document management. He is also an adjunct faculty member in the CMU Heinz College and Institute of Software Research where he currently teaches Software and Security and DevOps: Engineering for Deployment and Operations
Oleg Kryb – VISA
Oleg Gryb is Chief Architect who currently works at Visa Inc. Before Visa he worked as a Sr. Manager and de-facto CISO for Samsung’s Artik Cloud platform (www.artik.cloud) handling all aspects of security and HIPAA compliance program. He was previously Security Architect at Intuit, where he was creating architecture for mission critical financial and business applications. Gryb participates actively in creating open source software in a security, identity management and other domains. He has a lot of passion around embedding security to all SDLC stages, threat modeling, enforcing security in web service fabric, security tools, cloud, IoT and mobile security. He’s also interested in building data protection solutions based on security appliances, such as Secure Elements for devices, nCipher, DataPower, Ingrian, Safenet.
Caroline Wong – Cobalt.io
Caroline Wong is the Chief Security Strategist at Cobalt.io. Caroline’s close and practical information security knowledge stems from broad experience as a Cigital consultant, a Symantec product manager, and day-to-day leadership roles at eBay and Zynga. She is a well known thought leader on the topic of security metrics and has been featured at industry conferences including RSA (USA and Europe), OWASP AppSec, BSides, All Day DevOps, and Shift AppSec.
Derek Weeks – Sonatype
Co-founder, All Day DevOps and Vice President, Sonatype, Derek is a huge advocate of applying proven supply chain management principles into DevOps practices to improve efficiencies and sustain long-lasting competitive advantages. He currently serves as vice president and DevOps advocate at Sonatype, is the co-founder of All Day DevOps, and the lead researcher behind the annual State of the Software Supply Chain report for the DevOps industry. @weekstweets
Jodie Kautt – Target
Jodie Kautt is vice president of cyber security at Target with over 15 years of experience. In her current role she leads product security, product intelligence, cyber threat intelligence, incident response, data protection and enterprise incident management. She is also on the advisory board for Target’s engineering manager immersion program, focused on building a deeper pipeline of qualified and diverse senior engineering managers for Target. Jodie joined Target in 2005 from KPMG where she consulted with a variety of companies.
Jennifer Czaplewski – Target
Jennifer Czaplewski is a Director in the Information Security team at Target. In her current role she leads the Product Intelligence team, the Product Security Engineering team, Target’s Security Ninja program and Cyber Risk Management. Jennifer joined Target in 2006 from Pfizer. Jennifer received an MBA and BBA from Western Michigan University and has CISM and CISSP certifications.
Kevin Hanaford – Remitly
Kevin is the Head of Information Security, Infrastructure, and IT at Remitly and leads the teams responsible for Remitly’s security posture, cloud environment, development and deployment tools, and is a regular fixture at the coffee machines. Prior to arriving at Remitly, Kevin spent time running security programs for Amazon and PayPal, and managing NOCs for Bungie, Xbox, and Office 365. He takes a customer-centric view on the work he oversees and believes that you can improve your security posture without adding friction or sacrificing convenience if you try hard enough… it just may feel a bit like hunting for unicorns in the process.
Rich Mogull – DisruptOPS
Rich has twenty years experience in information security, physical security, and risk management. These days he specializes in cloud security and DevSecOps, having started working hands-on in cloud nearly 10 years ago. He is also the principle course designer of the Cloud Security Alliance training class, primary author of the latest version of the CSA Security Guidance, and actively works on developing hands-on cloud security techniques. Prior to founding Securosis and then DisruptOps, Rich was a Research Vice President at Gartner on the security team. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator.
Rich is the Security Editor of TidBITS and a frequent contributor to industry publications. He is a frequent industry speaker at events including the RSA Security Conference, Black Hat, and DefCon, and has spoken on every continent except Antarctica (where he’s happy to speak for free — assuming travel is covered).
Alan Shimel – DevOps.com, Security Blvd
As Editor-in-chief of DevOps.com, Alan Shimel is attuned to the world of technology. Alan has founded and helped several technology ventures, including StillSecure, where he guided the company in bringing innovative and effective networking and security solutions to the marketplace. Shimel is an often-cited personality in the security and technology community and is a sought-after speaker at industry and government conferences and events. In addition to his writing on DevOps.com and Network World, his commentary about the state of technology is followed closely by many industry insiders via his blog and podcast, “Ashimmy, After All These Years” (www.ashimmy.com). Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Mark Miller – Sonatype, All Day DevOps
Malcom Gladwell would call Mark “A Connector”. Wherever he goes, one of the things he is most happy with is the ability to introduce people to each other, making connections where they didn’t previously exist. He has done this on every continent in the world, including Antarctica, as part of an ongoing desire to see connections where other people see differences. Mark’s main expertise is in developing and supporting live online communities built around specific market verticals. These online communities bleed over into the real world, where relationships are strengthened and expanded. He is currently the Senior Storyteller at Sonatype, where he manages the community initiatives for All Day DevOps, DevSecOps Days, the DevSecOps Days Podcast Series and is Editor-in-Chief of DevSecOps Days Press.