Career Profile
I’m a staff security engineer focused on building excellent, human-centric systems to reduce risk. I work across teams to help organizations address common security risks with tools for non-experts, architect around risk, and otherwise enable developers to deliver resilient solutions.
Experience
As a founding member of the Apple Services Engineering Security team, I helped engineers architect around risk to protect billions of users.
Key Accomplishments:
- Led the security program for the internal on-prem and multi-cloud infrastructure platform that provided secure building blocks for developers across Apple, focusing on: custom IAM stack, multi-tenancy, cross-org feature priorities, executive briefings, and industry benchmarking.
- Developed the security review program to threat model Apple services and features
- Built an API to track security criticality and maturity across ~1,000 services
- Reviewed numerous internal and external services, including: Apple Business Essentials, Schoolwork, Vision Pro, iCloud & Developer Console, Passkeys, APNs, Xcode Cloud
I drove the security program for Tableau’s customer-facing, production services.
Key Accomplishments:
- Architected and led a cross-company production access management redesign
- Wrote a security “state of the union” report for C- and VP-level executives that was used as the foundation for creating the Tableau Online security program
- Represented security on multiple cross-company advisory groups; taught security principles at a lead engineers’ offsite; twice spoke at Tableau conference
- Built a static analysis tool for Terraform to identify security issues in the CI/CD pipeline
Within Tableau’s Information Security team I primarily worked with the teams running our corporate systems to ensure they were adequately secured, and led security incident response.
Key Accomplishments:
- Defined and ran the programs for: secure AWS usage, security reviews, incident response, and risk tracking
- Architected and rolled out fundamental security technologies like corporate Public Key Infrastructure (PKI), vulnerability management; managed corporate SSO platform
As a security engineer for one of the largest cloud providers in the world, I was responsible for improving our incident response capability, delivering projects to make AWS’ Elastic Compute Cloud (EC2) more secure for our customers, and acting as the EC2 point of contact for the AWS Compliance team. I’ve built scale into every process, automating relentlessly.
Key Accomplishments:
- Represented EC2’s technical controls in four SOC 2 and two PCI audits with no findings
- Automated a manual review process of privileged commands run by EC2 engineers
- Committed over 60k lines of code to automate common incident response, reporting, and abuse case tasks
- Learned and taught my team new log diving techniques leveraging AWS services like Elastic MapReduce using Apache Pig scripts to gain further insight into our environment and to improve our incident response times
Working within Accenture’s Identity and Access Management (IAM) Security practice, I designed and implemented enterprise-wide security technologies such as endpoint protection and PKI to support smart cards. I was part of a small group working directly with the CISO of a large civilian federal department, advising on policy, program, and technical means of reducing risk.
Talks
A selection of public talks I’ve given
Education
Studied the intersection of people, technology, and information with a focus on information security
Dual enrollment program