Jonathan Foote

Jonathan Foote

Security and privacy in Pittsburgh, PA, USA

About

Engineering, security and privacy R&D in high tech.

Work Experience

2021 — Now
Pittsburgh, PA (Remote)

Security and privacy product R&D. Building and running the bot management product engineering team. Some carryover responsibilities from my previous roles.

2020 — 2021
Pittsburgh, PA (Remote)

Executed all-things-security for Fastly through IPO and developed technology behind Fastly’s core products.

2014 — 2015
Pittsburgh, PA (Remote)

Offensive security.

Penetration testing, vulnerability assessments, training development and delivery, business development. Ranked among top producing consultants. Privileged to work with some awesome hackers.

2011 — 2014
Pittsburgh, PA

Bootstrapped vulnerability discovery fundamental research program, from pitch, funding, to execution.

Directed research as primary investigator. Created systems and tools, researched, and developed business on behalf of lab stakeholders.

2006 — 2011
Northrop Grumman Electronic Systems
Baltimore, MD
2005 — 2005
US Department of Defense
Fort Meade, MD
2004 — 2004
ISC systems team intern at IBM Microelectronics
Burlington, VT

Designed and implemented improvements to chip fabrication simulation and planning engine. Nominated by IBM for PSU Internship of the Year.

Education

2022 — 2024
2021 — 2021
Privacy Engineering Certificate at Carnegie Mellon University
2008 — 2010
Masters of Business Administration at Loyola University Maryland
2001 — 2005
Bachelors of Computer Science at Penn State University

Graduated with Distinction

Projects

2023

Built and led the team that developed Fastly's Bot Management product.

2021

C2PA is a way to tell where media came from. I actively collaborated with other members to develop and publish the first version of the C2PA technical specification, through 2022. I also co-chaired the threats and harms taskforce in 2021.

2019

Worked with some legit geniuses to invent Fastly Compute's tech. Supported an amazing team that developed it into a product.

2018
Security program at Fastly

Acted as tech lead in developing and executing Fastly's security program. 2015 ish - 2019 ish.

2013
Vulnerability Discovery Research Program at Carnegie Mellon University SEI CERT

I was a research lead at SEI CERT. I needed an above-board way to fund collaboration with CMU, so I bootstrapped CERT's DoD fundamental research program. Soup to nuts, including funding. The university research grew into a commercial spin-out.

Side Projects

Ongoing

Projects, demos, and PoCs. Some more popular than others. Mostly infosec and privacy related. All available on Github.

2017

Also presented at ArcticCon 2018 and as a less formal talk at Duo. I linked that version here since it is on YouTube.