I'm an independent generalist technologist with an interest in open source vulnerability management and related software supply chain security.
Most recently, I've worked as a Software Engineer on Google's Open Source Security Team (GOSST) working on OSV.dev.
I'm passionate about a solid foundation of machine-readable vulnerability metadata for known vulnerability detection/remediation/prevention (aka "management").
- 🔭 I’m currently working on OSV Schema level things as a community contributor to the OpenSSF's Vulnerability Disclosures Working Group and systemic CVE data quality initiatives via the CVE Program's Quality Working Group (QWG)
- 🌱 I’m currently studying a Bachelor of Psychological Science and Counselling at ACAP University College
- 💬 Ask me about my feelings on CVE aggregate data quality/completeness/fitness for purpose
- 😄 Pronouns: he/him
- ⚡ Fun fact: I've been a Linux Systems Administrator, Site Reliability Engineer (Systems Administration), Security Engineer and Software Engineer at Google, spanning two decades in Mountain View, CA and remotely in Brisbane, Australia