Reza Kialashaki
Details
Physics
UCLA
2000 : 2004
2022 : Present
Hadrian
Head Of Information Security
As acting Director and Head of Information Security, set forth the full vision for information security throughout the organization. Hired, onboarded, and managed a team of 6 information security engineers focusing on 3 pillars of security, Enterprise Security, Product Security, and Operational Security. Utilized industry standard frameworks NIST 800-53, NIST Computer Security Framework, as well as CIS Critical Security Controls to define a multi-stage, multi-year plan to improve overall security capabilities and reduce risk across the organization. Worked directly with the Executive Leadership team to identify business objectives and plan budgets for personnel, tooling, training, and all other aspects of financial responsibility in information security.
2021 : 2022
Zwift
Senior Manager, Security Engineering
As Principal Security Engineer, deeply collaborated with the DevOps and Cloud Engineering teams to design and implement a highly scalable and secure containerization platform driven by infrastructure as code and continuous integration/delivery methodologies. Introduced granular role based access controls utilizing GitOps processes. Designed policies and procedures for securely managing secrets across both legacy and containerized operating environments. Created working groups and held meetups to build strong relationships according to DevSecOps principles, uniting development, operations, and information security teams. Aligned business objectives with desired engineering outcomes to apply an appropriate security strategy to enable growth and take advantage of opportunity costs in a safe and scalable manner.
As primary Security Operations Engineer and Incident Responder, designed Computer Security Incident Response Plan utilized throughout the organization, and personally managed all incident response efforts. Collaborated across several companies in the same health and fitness business sector to share intelligence about security events and bad actors. Created an archive and reporting process for all security event and incident response related information. Conducted regular security audits to ensure compliance with various business regulations as well as to identify gaps and improve the overall security posture of the organization.
2019 : 2021
Zwift
Senior Information Security Engineer
As Senior Devops Engineer worked directly with the Product Engineering team to develop and maintain operations environment utilizing customized autmation pipelines. Built infrastructure management system in Python to control various components of the production operating environments hosted in AWS leveraging tooling such as Boto3, Terraform, Ansible, and Jenkins. Collaborated with Product Engineering team to develop next generation serverless web hosting platform utilizing containerization with Docker, AWS ECS, and Terraform. Worked extensively on web server technology leveraging Nginx, Openresty, and AWS Cloudfront CDN to deliver high performance, high concurrency caching layer for dynamic websites hosted with Wordpress CMS.
As Tier 3 Engineering support, assisted customers with technically challenging issues and problems with the platform. Consulted customers on custom web application implementations for their hosted sites, including, but not limited to, integrating Server Side Rendering frontend systems with Wordpress data store via the Wordpress REST API. Conducted incident response for service and security related events.
2017 : 2019
Pagely®
Senior Devops Engineer
As primary Information Security Engineer, contributed integral vision to building a world class information security program and team. Working in an environment free of constraints, provided a hybrid security strategy with lean security controls, but high visibility for real-time detection of, and response to, security events. Architected high performance network intrusion detection systems capable of inspecting high bandwidth network traffic with near zero packet loss utilizing purpose built hardware, open source tools, and GPU offloading. Architected network security monitoring capable of profiling, alerting, and archiving of global network events. Architected file integrity monitoring solutions for production payments environments. Provided internal security consulting and auditing for various regulatory controlling bodies including the Payment Card Industry (PCI) and the Korean Internet and Security Agency (KISA).
As primary incident response engineer, provided forensically sound data acquisition, analysis, and storage of artifacts related to security incidents and archived case information to share with key stakeholders. Conducted malware analysis and reverse engineering for malicious applications encountered in the field. Contributed to real-time data collection and analysis pipeline for security information within the company. Provided endpoint security and systems management solutions for real time security anomaly detection and incident response capabilities.
As product owner of the Security Operations Center (SOC), provided the vision for security operations. Implemented computer security event alerting and response procedures. Trained SOC analysts on various topics in information security directly applicable to their workflow. Currently working to build regional SOC offices to provide 24x7x365 follow the sun operations globally.
2011 : 2016
Riot Games
Information Security Engineer
Skills
Active Directory, Agile Methodologies, Antivirus, Apache, Bash, C , Cloud Computing, Cluster, Computer Hardware, Computer Security, Disaster Recovery, Distributed Systems, Firewalls, Hardware, High Performance Computing, Information Security, Information Technology, Infrastructure, Integration, IPSec, ITIL, Linux, Microsoft Exchange, MySQL, Networking, Network Security, Open Source, Operating Systems, Perl, Project Management, Project Planning, Puppet, Python, Routing, Ruby, Scrum, Servers, SharePoint, Software Installation, Storage, System Deployment, Technical Support, Testing, Troubleshooting, Unix, Virtualization, VoIP, Vulnerability Management, Web Applications, Windows, High Performance
About
I am a highly motivated and multitalented systems specialist. I strive for quality and efficiency in all my endeavors and dedicate myself to projects in order to succeed. I have excellent problem solving skills and methodical approaches to determining solutions. I am adaptable to nearly any environment. My broad depth of knowledge in networking, security, and high performance computing allows me to derive well contrived decisions about technology project planning and direction. I always strive to maximize process efficiencies whenever possible by using automation techniques to simplify repetitive tasks.
Specialties: Unix/Linux based operating systems, open source software, networking/routing, network security, automation and scripting, clustered and distributed processing, cloud computing, virtualization, storage and backup technologies, Microsoft AD/Exchange
Profile Photo
