ALEX USECHE
Summary
Musician and composer with a background in music technology and a strong interest in film and visual media. Currently completing a Master of Arts in Music Technology with a focus on film music. Experience includes academic coursework, personal projects, and independent study in orchestration, synthesis, and music production. Passionate about exploring cultural identity through sound, and eager to grow through collaboration, feedback, and continued learning.
Overview
13
13
years of professional experience
Work History
Director of Security Engineering
Trail of Bits
10.2022 - Current
- Developed multiple strategies for continuous growth and development of the application security team.
- Developed frameworks for assessing the security and maturity of cloud native environments, testing strategies, and design and architecture of applications.
- Worked closely with the AI/ML director to create new assurance service offerings for ML systems, focused on safety and risk assessment methodologies and testing strategies
- Worked closely with sales and project managers to develop sales strategies for new services targeting cloud native security services
- Developed methodologies for conducting threat modeling assessments of distributed systems, software designs, and AI systems.
- Half the time was dedicated to hands-on code review audits, threat modeling, and tool development.
Lead Security Engineer
Trail of Bits
06.2021 - 11.2022
- Managed a team of 5 security engineers
- Developed and tracked goals for the application security team, and coordinated actions to make sure goals were accomplished
- Led efforts to create and publish public Semgrep rules, as well as processes for developing
- Establish the identity and improved cohesion of the application security team
- Developed assessments for the hiring process and conducted the majority of interviews for the application security practice
Security Engineer
Trail of Bits
08.2020 - 06.2021
- Primarily responsible for conducting code audits, focusing on Go security, dynamic analysis through fuzzing, functional and unit testing
- Reviewed applications written in a wide variety of languages, including C, C++, Rust, and Haskell
- Researched Go concurrency bugs, developed Semgrep rules, and led efforts to make our public Semgrep work public
- Developed static analysis tools for finding library specific Go vulnerabilities, as well as tools for Nomad security
- Developed new security features for SIEM applications for a client of the engineering and development practice
- Led code remediation efforts for a major client
Senior Application Security Consultant
nVisium
10.2018 - 08.2020
- Conducted manual and automated static analysis reviews of web, mobile, and IoT applications
- Developed and led trainings for Go and NodeJS secure coding practices
- Wrote several internal and public blog posts on IoT, cloud, and web security
- Mentored junior employees
- Conducted manual and automated static analysis reviews of web, mobile, and IoT applications
- Developed and led trainings for Go and NodeJS secure coding practices
- Wrote several internal and public blog posts on IoT, cloud, and web security
- Mentored junior employees
Senior Software Engineer / Lead Security Engineer
Catapult Systems
11.2017 - 10.2018
- Led the team from waterfall to agile based methods
- Implemented security processes for internal IT and application security
- Led efforts for becoming ISO 27001 certified
- Developed and supported existing .NET applications used
Security Analyst / Penetration Tester
Rapid7
06.2017 - 11.2017
- Conducted manual penetration tests for multiple clients using a wide array of security tools and techniques, including Linux and Windows based tools
- Assessments included external network, web application and API penetration tests, as well as vulnerability assessment
- Documented and communicated security risks and assessments to clients following Rapid7 standards in an efficient and clear manner
- Performed security tests for web applications developed internally, using security recommendations developed by OWASP and widely recognized security standards
- Developed penetration testing tools in Python and Go for automating enumeration and reconnaissance tasks
- Developed attacking tools in .NET Core for conducting penetration tests of modern .NET applications and architectures
- Conducted in depth research and presented findings on security risks and assessment techniques of modern web applications, including .NET, Angular and React based applications.
Consultant / Application Developer
Catapult Systems
05.2015 - 06.2017
- Developed data analysis tool using R, .NET and JavaScript for Dell
- Worked with Dell teams to create web application that made use of PowerBI data to facilitate the job of data analysts
- Developed and established standards for a common AngularJs based framework designed for Dell’s EDG system
- Configured automated deployment environments using Microsoft Azure technologies and VSTS
- Designed and developed .NET Core with Angular 2 based front apps for data analysis
- Developed backend software for CLEAResult for importing data into a CRM system using C# and .NET
- Developed complex data integrations systems using Python to dynamically import data from clients to a CRM system
- Led development of an UI application for Dell Switches, maintaining effective and productive communication with designers and hardware engineers
- Modeled and data structures and back end controllers using C#, Web API and the MVC 5 .NET framework
- Developed an AngularJs and JavaScript based framework for Dell’s Cloud Client Computing group for developing a wide variety of web applications
- This involved creating Angular directives for multiple reusable web components such as custom tables, login interfaces, etc
- Maintained a closed relation with clients, communicating design and architecture requirements in an efficient way
- Penetration Tester
- Penetration tester for diverse clients
- Conducted code reviews (PHP and Objective-C applications) and penetration tests using automated tools and manual tests
- Created custom Python scripts for reconnaissance and data gathering tasks
- Use debugging tools to find ways to circumvent authentication of government applications.
Application Developer
Walt Disney World Parks and Resorts
08.2014 - 05.2015
- Designed, architected and developed an application that allows team members of the POS team to coordinate tasks between team members by interacting with a series of “sticky notes” in a web based SCRUM board using .NET MVC 5 and AngularJS
- Application currently in use as scrum board
- Developed a system to allow contractors with limited system access to perform server configuration and administration tasks using .NET and Angular JS
- Created a modular dashboard application that allows for the development of “widgets” for team communication and reporting using data visualization tools and techniques
- Developed a widget for real time announcements.
Mobile Applications Developer
08.2012 - 08.2014
- Designed and developed an iPad application for Tampa’s Mary Lee’s House (a child protection and advocacy center) to help children who enter the center communicate with staff members regarding possible abuse that they may have experienced
- Currently in daily use.
Education
Master of Science - Computer Science
University of West Florida
12.2015
Masters of Arts - Instruction Design and Technology – Systems Design
University of Central Florida
01.2013
Bachelors of Science - Information Technology
Western Governors University
01.2011
Skills
- DAWs: Logic Pro, Pro Tools, and Ableton
- Instruments: acoustic and electric guitar, piano, bass, Venezuelan cuatro, banjo
- Misc: Experienced using semi-modular hardware and software synthesizers and drum machines
Music Contacts
- Electronic Press Kit: https://soundsabotage.bandzoogle.com/
- Website: https://soundsabotage.com/
- YouTube: https://www.youtube.com/channel/UCh-TnPownCnEjzwJzxvtLQw
Music - Academics Education
Southern Utah University
Spring 2023 - Fall 2025 (completing this December, 2025)
- Masters of Arts in Music Technology, Film Music Emphasis.
- Coursework included but was not limited to: MIDI Orchestration, Scoring for Film, Video, & TV, Film Music Analysis, Electronic Sequencing, and Music Business & Brand Promotion.
Beatkitchen
December 2022 - December 2023
- Completed courses on Logic Pro, Music Synthesis, Mixing and Effects
- Completed three 3 month long incubators (Songwriting, Production, and Mixing) where a small group collaborated on songs, provided feedback to each other, while developing on music skills.
Elvtr Cinematic Music Composition
- Six week course with Timothy Williams as the instructor
Music - Projects
Sound Sabotage
- Sound Sabotage is the name of a music project I created to explore and experiment my musical influences. The music mixes dark ambient and post-rock with electronic and acoustic instruments, and is deeply influenced by my cultural roots.
- A major focus on this project for me has been creating video collages, using bits and pieces of videos available in the public domain to add a visual components to the music I create.
________________________________________________________________
Non-music specific experience and education is listed below.
Publications
- ToorCon 2021 · Oct 12, 2021 - Fuzzers, analyzers, and other Gophers insecticides
- Ekoparty 2020 · Oct 28, 2020 - Anatomy of a Gopher - Binary Analysis of Go Binaries
- r2con 2020 · Sep 4, 2020 - Radare2 & Gophers - analysis of Go binaries with r2
- SANS Pen Test HackFest & Cyber Ranges Summit · Jun 4, 2020 - Anatomy of a Gopher - Binary Analysis of Go Binaries
- LASCON · Oct 25, 2019 - Reversing Client-Side JavaScript Using the Chrome Dev Tools Protocol
- Rocky Mountain Information Security 2019 · Jun 5, 2019 - Angular for Pentesters
- DevOpsDays Austin · May 2, 2019 - Adapting Agile for Small SOC Teams with Azure DevOps: How-to and Lessons Learned
- 18th International Conference on Artificial Intelligence · Jul 29, 2016 - An Intelligent Web-Based System for Measuring Students' Attention Levels
Timeline
Director of Security Engineering
Trail of Bits
10.2022 - Current
Lead Security Engineer
Trail of Bits
06.2021 - 11.2022
Security Engineer
Trail of Bits
08.2020 - 06.2021
Senior Application Security Consultant
nVisium
10.2018 - 08.2020
Senior Software Engineer / Lead Security Engineer
Catapult Systems
11.2017 - 10.2018
Security Analyst / Penetration Tester
Rapid7
06.2017 - 11.2017
Consultant / Application Developer
Catapult Systems
05.2015 - 06.2017
Application Developer
Walt Disney World Parks and Resorts
08.2014 - 05.2015
Mobile Applications Developer
08.2012 - 08.2014
Master of Science - Computer Science
University of West Florida
Masters of Arts - Instruction Design and Technology – Systems Design
University of Central Florida
Bachelors of Science - Information Technology
Western Governors University
Similar Profiles
Farrell GallagherFarrell Gallagher
Volunteer at Trail Daze With Sierra Buttes Trail StewardshipVolunteer at Trail Daze With Sierra Buttes Trail Stewardship
Himabindu PanthatiHimabindu Panthati
Senior Appian Developer at Bits In Glass Pvt LtdSenior Appian Developer at Bits In Glass Pvt Ltd
Courtney BurnsCourtney Burns
Bartender/ Server at BitsBartender/ Server at Bits
Devon Blackshear, CISSPDevon Blackshear, CISSP
Director, Security Engineering at FabFitFunDirector, Security Engineering at FabFitFun
Durga Surya Kumar SimmaDurga Surya Kumar Simma
Director, Security Engineering at Coupa SoftwareDirector, Security Engineering at Coupa Software