Braxton Ehle

As a founding member of the Apple Services Engineering Security Team, I helped engineers understand and architect around risks to protect billions of users.

Key Accomplishments:

• Lead the security program for Apple’s internal on-prem and multi-cloud infrastructure platform that provided secure building blocks for developers across Apple with a focus on: IAM services, multi-tenancy, credential management, leadership readouts, and industry benchmarking.
• Developed the security review program to threat model Apple services and features
• Built an API to track security criticality and maturity across ~1,000 services - Reviewed hundreds of internal and external services including: Apple Business Essentials, Schoolwork, Vision Pro, iCloud & Developer Console, Passkeys, APNs, XCode Cloud

I drove the security program for Tableau’s customer-facing, production services.

Key Accomplishments:

• Architected and lead a cross-company production access management redesign
• Wrote a security “state of the union” report reviewed by C- and VP-level executives that was used as the foundation for creating the Tableau Online security program
• Represented security on multiple cross-company advisory groups; taught operational security principles at an lead engineers’ offsite; twice spoke at Tableau conference
• Built a static analysis tool for Terraform to identify security issues in the CI/CD pipeline

Within Tableau’s Information Security team I was responsible for operational security. I primarily worked with the teams running our corporate systems to ensure they were adequately secured, and lead security incident response.

Key Accomplishments:

• Redesigned and implemented the corporate Public Key Infrastructure (PKI)
• Managed the corporate SSO platform and defined the program for secure AWS usage
• Built security review, incident response, and risk tracking programs

As a security engineer for one of the largest cloud providers in the world, I was responsible for improving our incident response capability, implementing projects to make AWS’ Elastic Compute Cloud (EC2) more secure for our customers, and acting as the EC2 point of contact for the AWS Compliance team. I’ve learned to build scale into every process, automating relentlessly.

Key Accomplishments:

• Represented EC2’s technical controls in four SOC 2 and two PCI audits with no findings
• Automated a manual review process of privileged commands run by EC2 engineers
• Committed over 60k lines of code to automate common incident response, reporting, and abuse case tasks
• Learned and taught my team new log diving techniques leveraging AWS services like Elastic MapReduce using Apache Pig scripts to gain further insight into our environment and to improve our incident response times

Working within Accenture’s Identity and Access Management (IAM) Security practice, I designed and implemented enterprise-wide security technologies such as endpoint protection and PKI. I was part of a small group working directly with the CISO of a civilian federal department. Through my time with Accenture, I’ve learned how to quickly build relationships, learn security technologies, and apply them to meet the business and compliance needs of a large organization.