About Me
I am a Platform Security Engineer specializing in enforcing secure-by-default cloud infrastructure, implementing security controls across development environments including GitHub and the software supply chain, and hardening Kubernetes security - all while minimizing friction for developers.
Professional Experience
2024 - Present
Mercari, Inc. — Security Engineer (Full-time)
- Designed and implemented platform-wide security controls for the operational use of AI tools such as Coding Agents.
- Developed tools to reduce the need for long-lived credentials on GitHub, reducing the risk of credential leakage and simplifying credential management. [Removing GitHub PATs and Private Keys From Google Cloud: Extending Token Server to Google Cloud]
- Applied organization-wide security controls on Google Cloud Platform and AWS.
- Authored Kubernetes hardening guidelines and reduced critical findings.
2022 - 2022
Mercari, Inc. — Security Engineer (Intern)
- Re-structured Microsoft Kubernetes Threat Matrix and created Falco rules to fill detection gaps, and contributed to upstream official falco ruleset. [Restructuring the Kubernetes Threat Matrix and Evaluating Attack Detection by Falco]
2021 - 2021
Recruit Co., Ltd. — Security Engineer (Part-time)
- Performed application vulnerability assessments and built static-analysis parsers for proprietary codebases.