I build and lead security and cloud infrastructure organizations. Not the “add a firewall and call it done” kind. The kind where secure delivery is the default, compliance is an engineering problem, and the platform doesn’t page you at 3 AM.

There’s a pattern in my career: I walk in, build the thing, and end up running it. DevOps Manager to Director to VP of Operations at one company. Founding engineer to team lead to manager at another. Then a deliberate move to a 6,000-person public company to lead security engineering at enterprise scale. Some people climb one ladder. I’ve built things at every altitude, from founding engineer to executive, and I chose breadth over a linear title march.

How I operate:

→ Guardrails over gates. Engineers should ship fast because the platform is safe, not because security waved them through.

→ Compliance is an engineering problem. If your audit prep takes 6 weeks of manual evidence gathering, that’s a systems failure.

→ Reduce risk, reduce toil, reduce MTTR. Everything else is theater.

→ Build teams that outlast you. Hire for judgment, develop for ownership, protect your people from organizational noise.

Operating History

Pure Storage

Security Engineering Manager | January 2026 – Present

Leading infrastructure security, product security, and DevSecOps for Pure Storage’s Digital Experience business unit, the company’s SaaS arm serving enterprise customers.

→ Owns security posture for 200+ cloud services across AWS
→ Driving SOC 2 compliance automation program. Inherited 0% automation baseline, building toward 50%+ automated evidence gathering across all DX teams
→ Building the Infrastructure Security team from the ground up. Hiring, tooling, process
→ Partnering cross-functionally with Security Architecture, TPM, and central security teams

Wherobots

Head of Cloud Infrastructure | March 2024 – January 2026

Founding cloud infrastructure engineer at a geospatial AI company (Apache Sedona creators). Joined at seed stage, tenured through the Series A raise, and grew from engineer to team lead to manager.

→ Led platform evolution from monolith to distributed architecture. Separated control/data planes, enabled multi-region capability, and hardened security controls as the platform scaled
→ Led SOC 2 and HIPAA compliance initiatives. First compliance programs in company history
→ Owned company-wide cybersecurity: threat detection, incident response, vulnerability management
→ Hands-on architect and people leader simultaneously. Startup demanded both

Environment: AWS, Kubernetes (EKS), Terraform, GitHub Actions

Qwiet AI (formerly ShiftLeft) → Acquired by Harness.io

VP / Head of Cloud & Cybersecurity Operations | March 2022 – January 2024

Led cloud operations and security for an application security company (SAST/SCA) through its rebrand from ShiftLeft to Qwiet AI.

→ Reduced infrastructure costs by 30% while improving uptime to 99.95% through architecture optimization, not just turning things off
→ Helped build a globally distributed engineering team. Led the local DevOps and Security operations with defined KPIs and SLAs
→ Owned SOC 2 compliance operations, cloud platform reliability, and security posture
→ Streamlined team processes and operational cadence for a distributed engineering org

ShiftLeft, Inc.

VP of Operations (2021 – 2022)
Director, DevOps, TechOps & Security Operations (2019 – 2021)
DevOps Manager (2017 – 2019)

Built the operations function from the ground up as a founding team member at a 50-person application security startup, then grew into leading it.

→ Led SOC 2 Type II attestation in roughly 7 months. Before the era of compliance automation platforms
→ Managed DevOps team (2 direct reports) and IT operations (manager + 1 report). Still very hands-on day-to-day despite the VP title. Startup life
→ Incident commander for production and security events
→ Cross-functional leadership across engineering, product, sales, customer success, IT, and HR. Largely driven by the SOC 2 initiative touching every part of the org

This was the role where I learned that operations leadership isn’t about the tools. It’s about building systems that let engineers move fast without breaking trust.

CloudPhysics → Acquired by HP Enterprise

Principal Engineer, DevOps & SRE | March 2014 – January 2017

DevOps and SRE for a hybrid cloud analytics company.

→ Achieved 99.9% platform uptime through automation and scalable CI/CD practices
→ Implemented Infrastructure-as-Code, reducing provisioning time by 70%
→ Built deployment consistency and operational foundations for the platform

The Rest

Fluent in Vietnamese, Cantonese, Mandarin, and Hokkien. Lifelong learner, perpetual skeptic of buzzwords, and always interested in teams that treat security & cloud operations as a competitive advantage.